diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 4abab1b..03068db 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -13,7 +13,9 @@ We encourage you to read this project's CONTRIBUTING policy (you are here), its If you would like to comment and provide feedback on the metadata standard, please let us know by filing an **issue on our GitHub repository.** -We are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). +We encourage agencies to contribute by submitting a pull request to [include their extended schema in the repository](../schemas). This helps foster collaboration and ensures shared improvements benefit the wider community. + +For CMS, we are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). ### Team Specific Guidelines @@ -52,7 +54,7 @@ N/A If you would like to comment on the metadata standard, please let us know by filing an **issue on our GitHub repository.** -We are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). +For CMS, we are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). ### Writing Pull Requests @@ -102,7 +104,7 @@ Pull requests will be reviewed by the CMS Open Source Program Office team as det ## Documentation -Refer to [/docs](./docs/) for information about CMS code.json metadata standard. +Refer to [/docs](./docs/) for information about code.json metadata standard. ## Policies @@ -122,4 +124,4 @@ For more information about our Security, Vulnerability, and Responsible Disclosu This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the [CC0 1.0 Universal public domain dedication](https://creativecommons.org/publicdomain/zero/1.0/). -All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest. +All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest. \ No newline at end of file diff --git a/README.md b/README.md index 720ef2c..03dae57 100644 --- a/README.md +++ b/README.md @@ -1,15 +1,15 @@ # gov-codejson -CMS code.json: An agency-wide metadata standard for software projects +code.json: An agency-wide metadata standard for software projects ## About the Project -This repository contains documentation on CMS code.json, a metadata standard used to collect information on the agency's software projects in compliance with [M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) and the [SHARE IT Act](https://www.congress.gov/bill/118th-congress/house-bill/9566/text/ih). +This repository contains documentation on code.json, a metadata standard used to collect information on the agency's software projects in compliance with [M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) and the [SHARE IT Act](https://www.congress.gov/bill/118th-congress/house-bill/9566/text/ih). -- [metadata.md](./docs/metadata.md): Overview on CMS code.json metadata standard -- [schemas](./schemas): code.json schema +- [metadata.md](./docs/metadata.md): Overview on code.json metadata standard +- [schemas](./schemas): code.json generic schema and agency-level schemas - [procedures.md](./docs/procedures.md): Procedures and tools on creating and updating metadata -- [examples.md](./docs/metadata_examples.md): Good examples of metadata in current agency code.json files +- [examples.md](./docs/examples.md): Good examples of metadata in current agency code.json files - [faq.md](./docs/faq.md): Frequently Asked Questions ### Project Vision @@ -112,7 +112,7 @@ Information about how the gov-codejson community is governed may be found in [GO If you would like to comment on the metadata standard, please let us know by filing an **issue on our GitHub repository.** -We are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). +We are open to adding more CMS fields to code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). If you have ideas for how we can improve or add to our capacity building efforts and methods for welcoming people into our community, please let us know at opensource@cms.hhs.gov. @@ -142,4 +142,4 @@ For more information and resources about SBOMs, visit: https://www.cisa.gov/sbom This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the [CC0 1.0 Universal public domain dedication](https://creativecommons.org/publicdomain/zero/1.0/) as indicated in [LICENSE](LICENSE). -All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest. +All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest. \ No newline at end of file diff --git a/code.json b/code.json index 80511d3..54fbaea 100644 --- a/code.json +++ b/code.json @@ -1,7 +1,7 @@ { "name": "gov-codejson", - "description": "CMS code.json: An agency-wide metadata standard for software projects", - "longDescription": "This repository contains documentation on CMS code.json, a metadata standard used to collect information on the agency's software projects in compliance with M-16-21 and the SHARE IT Act.", + "description": "code.json: An agency-wide metadata standard for software projects", + "longDescription": "This repository contains documentation on code.json, a metadata standard used to collect information on the agency's software projects in compliance with M-16-21 and the SHARE IT Act.", "status": "Production", "permissions": { "license": [ @@ -17,17 +17,31 @@ "repositoryURL": "https://github.com/DSACMS/gov-codejson", "vcs": "git", "laborHours": 3479, - "platforms": ["web"], - "categories": ["knowledge-management", "help-desk"], + "platforms": [ + "web" + ], + "categories": [ + "knowledge-management", + "help-desk" + ], "softwareType": "standalone/web", - "languages": ["Markdown"], + "languages": [ + "Markdown" + ], "maintenance": "internal", "date": { "created": "2025-02-04T21:59:53Z", "lastModified": "2025-02-11T18:45:30Z", "metaDataLastUpdated": "2025-02-11T18:47:02.924Z" }, - "tags": ["guide", "codejson", "OSPO", "metadata", "SHAREIT", "M-16-21"], + "tags": [ + "guide", + "codejson", + "OSPO", + "metadata", + "SHAREIT", + "M-16-21" + ], "contact": { "email": "opensource@cms.hhs.gov", "name": "CMS Open Source Team" @@ -37,8 +51,12 @@ "userInput": false, "fismaLevel": "Low", "group": "CMS/OA/DSAC", - "subsetInHealthcare": ["Operational"], - "userType": ["Government"], + "subsetInHealthcare": [ + "Operational" + ], + "userType": [ + "Government" + ], "repositoryHost": "github.com/DSACMS", "maturityModelTier": 3 -} +} \ No newline at end of file diff --git a/docs/faq.md b/docs/faq.md index 160eef0..2498593 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -52,8 +52,14 @@ By collecting metadata on every software project, this allows the agency to buil ### Is code.json mandatory for all repositories? -Yes. As per M-16-21 and the SHARE IT Act, agencies are required to publish metadata on all custom-developed code after August 8th 2016, which is not subject to exemptions (see: Sec 6 of [M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) and SHARE IT ACT exemptions) +Yes. As per M-16-21, agencies are required to publish metadata on all custom-developed code after August 8th 2016, which is not subject to exemptions (see: Sec 6 of [M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf)). + +As per the SHARE IT Act, agencies are required to publish metadata on all custom-developed code after July 22, 2025, which is not subject to exemptions (see: [SHARE IT ACT exemptions](https://www.congress.gov/118/plaws/publ187/PLAW-118publ187.pdf)). ### I have feedback on additions and improvements to the code.json metadata standard. Where can I share this? We are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). + +### My agency extended the code.json schema to add more metadata fields. Where can I share this? + +We encourage agencies to contribute by submitting a pull request to [include their extended schema in the repository](../schemas). This helps foster collaboration and ensures shared improvements benefit the wider community. \ No newline at end of file diff --git a/docs/metadata.md b/docs/metadata.md index 6fd1c4f..0bc47a0 100644 --- a/docs/metadata.md +++ b/docs/metadata.md @@ -1,14 +1,23 @@ # Code.json -CMS `code.json` is a metadata standard created to collect information on the agency's software projects. This is composed of: +`code.json` is a metadata standard created to collect information on the agency's software projects. This is composed of: - federal code.json standard, created as part of [M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) -- metadata CMS would like to collect (e.g. FISMA level, repository host, group) - required metadata outlined in the [SHARE IT ACT](https://www.congress.gov/bill/118th-congress/house-bill/9566/text/ih) (e.g. repository visibility, contract number) - publiccode.yml metadata, an international metadata standard By harmonizing various standards, this opens up the opportunity to share our work not just on an agency level but also on a national and international level. +The generic code.json schema can be found in the [`schemas` directory](../schemas/schema.1.0.0.json). + +### Extending the schema for agency use + +The generic schema is designed to be extensible, allowing agencies to add metadata fields that are relevant to their specific needs. + +For example, CMS has their [own schema](../schemas/cms/) that includes new fields such as FISMA level, subset in healthcare, and systems. + +We encourage agencies to contribute by submitting a pull request to [include their extended schema in the repository](../schemas). This helps foster collaboration and ensures shared improvements benefit the wider community. + ### Fields **Legend** @@ -443,4 +452,4 @@ Full schema can be found in [schema-0.1.0.json](../schemas/schema-0.1.0.json). ### Adding new metadata fields -We are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). +For CMS, we are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). diff --git a/schemas/schema-0.0.0.json b/schemas/cms/schema-0.0.0.json similarity index 100% rename from schemas/schema-0.0.0.json rename to schemas/cms/schema-0.0.0.json diff --git a/schemas/schema-0.1.0.json b/schemas/cms/schema-0.1.0.json similarity index 100% rename from schemas/schema-0.1.0.json rename to schemas/cms/schema-0.1.0.json diff --git a/schemas/schema-1.0.0.json b/schemas/schema-1.0.0.json new file mode 100644 index 0000000..84970e0 --- /dev/null +++ b/schemas/schema-1.0.0.json @@ -0,0 +1,295 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "code.json metadata", + "description": "A metadata standard for software repositories", + "type": "object", + "properties": { + "items": { + "name": { + "type": "string", + "description": "Name of the project or software" + }, + "description": { + "type": "string", + "description": "A short description of the project. It should be a single line containing a single sentence. Maximum 150 characters are allowed.", + "maxLength": 150 + }, + "longDescription": { + "type": "string", + "description": "Provide longer description of the software, between 150 and 10000 chars. It is meant to provide an overview of the capabilities of the software for a potential user.", + "minLength": 150, + "maxLength": 10000 + }, + "status": { + "type": "string", + "enum": [ + "Ideation", + "Development", + "Alpha", + "Beta", + "Release Candidate", + "Production", + "Archival" + ], + "description": "Development status of the project" + }, + "permissions": { + "type": "object", + "description": "An object containing description of the usage/restrictions regarding the release", + "properties": { + "licenses": { + "type": "array", + "description": "License(s) for the release", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "enum": [ + "CC0-1.0", + "Apache-2.0", + "MIT", + "MPL-2.0", + "GPL-2.0-only", + "GPL-3.0-only", + "GPL-3.0-or-later", + "LGPL-2.1-only", + "LGPL-3.0-only", + "BSD-2-Clause", + "BSD-3-Clause", + "EPL-2.0", + "Other", + "None" + ], + "description": "An abbreviation for the name of the license" + }, + "URL": { + "type": "string", + "format": "uri", + "description": "The URL of the release license in the repository" + } + }, + "required": [ + "name", + "URL" + ] + } + }, + "usageType": { + "type": "string", + "description": "A list of enumerated values which describes the usage permissions for the release: (1) openSource: Open source; (2) governmentWideReuse: Government-wide reuse; (3) exemptByLaw: The sharing of the source code is restricted by law or regulation, including—but not limited to—patent or intellectual property law, the Export Asset Regulations, the International Traffic in Arms Regulation, and the Federal laws and regulations governing classified information; (4) exemptByNationalSecurity: The sharing of the source code would create an identifiable risk to the detriment of national security, confidentiality of Government information, or individual privacy; (5) exemptByAgencySystem: The sharing of the source code would create an identifiable risk to the stability, security, or integrity of the agency’s systems or personnel, (6) exemptByAgencyMission: The sharing of the source code would create an identifiable risk to agency mission, programs, or operations; (7) exemptByCIO: The CIO believes it is in the national interest to exempt sharing the source code; (8) exemptByPolicyDate: The release was created prior to the M-16-21 policy (August 8, 2016)", + "enum": [ + "openSource", + "governmentWideReuse", + "exemptByLaw", + "exemptByNationalSecurity", + "exemptByAgencySystem", + "exemptByAgencyMission", + "exemptByCIO", + "exemptByPolicyDate" + ], + "additionalProperties": false + }, + "exemptionText": { + "type": [ + "string", + "null" + ], + "description": "If an exemption is listed in the 'usageType' field, this field should include a one- or two- sentence justification for the exemption used." + } + }, + "additionalProperties": false, + "required": [ + "licenses", + "usageType" + ] + }, + "organization": { + "type": "string", + "description": "Organization responsible for the project", + "enum": [ + "Centers for Medicare & Medicaid Services" + ] + }, + "repositoryURL": { + "type": "string", + "format": "uri", + "description": "The URL of the public release repository for open source repositories. This field is not required for repositories that are only available as government-wide reuse or are closed (pursuant to one of the exemptions)." + }, + "repositoryVisibility": { + "type": "string", + "enum": [ + "public", + "private" + ], + "description": "Visibility of repository" + }, + "vcs": { + "type": "string", + "description": "Version control system used", + "enum": [ + "git", + "hg", + "svn", + "rcs", + "bzr" + ] + }, + "laborHours": { + "type": "number", + "description": "Labor hours invested in the project. Calculated using COCOMO measured by the SCC tool: https://github.com/boyter/scc?tab=readme-ov-file#cocomo" + }, + "reuseFrequency": { + "type": "object", + "description": "Measures frequency of code reuse in various forms. (e.g. forks, downloads, clones)", + "properties": { + "forks": { + "type": "integer" + }, + "clones": { + "type": "integer" + } + }, + "additionalProperties": true + }, + "platforms": { + "type": "array", + "description": "Platforms supported by the project", + "items": { + "type": "string", + "enum": [ + "web", + "windows", + "mac", + "linux", + "ios", + "android", + "other" + ] + } + }, + "categories": { + "type": "array", + "description": "Categories the project belongs to. Select from: https://yml.publiccode.tools/categories-list.html", + "items": { + "type": "string" + } + }, + "softwareType": { + "type": "string", + "description": "Type of software", + "enum": [ + "standalone/mobile", + "standalone/iot", + "standalone/desktop", + "standalone/web", + "standalone/backend", + "standalone/other", + "addon", + "library", + "configurationFiles" + ] + }, + "languages": { + "type": "array", + "description": "Programming languages that make up the codebase", + "items": { + "type": "string" + } + }, + "maintenance": { + "type": "string", + "description": "The dedicated staff that keeps the software up-to-date, if any", + "enum": [ + "internal", + "contract", + "community", + "none" + ] + }, + "contractNumber": { + "type": "string", + "description": "Contract number" + }, + "date": { + "type": "object", + "description": "A date object describing the release", + "properties": { + "created": { + "type": "string", + "format": "date-time", + "description": "Creation date of project." + }, + "lastModified": { + "type": "string", + "format": "date-time", + "description": "Date when the project was last modified" + }, + "metaDataLastUpdated": { + "type": "string", + "format": "date-time", + "description": "Date when metadata was last updated" + } + } + }, + "tags": { + "type": "array", + "description": "Topics and keywords associated with the project to improve search and discoverability", + "items": { + "type": "string" + } + }, + "contact": { + "type": "object", + "description": "Point of contact for the release", + "properties": { + "email": { + "type": "string", + "format": "email", + "description": "Email address of the point of contact" + }, + "name": { + "type": "string", + "description": "Name of the point of contact" + } + } + }, + "feedbackMechanisms": { + "type": "array", + "description": "Methods a repository receives feedback from the community. Default value is the URL to GitHub repository issues page.", + "items": { + "type": "string" + } + }, + "localisation": { + "type": "boolean", + "description": "Indicates if the project supports multiple languages" + } + } + }, + "required": [ + "name", + "description", + "longDescription", + "status", + "permissions", + "organization", + "repositoryURL", + "repositoryVisibility", + "vcs", + "laborHours", + "reuseFrequency", + "platforms", + "categories", + "softwareType", + "languages", + "maintenance", + "contractNumber", + "date", + "tags", + "contact", + "feedbackMechanisms", + "localisation" + ], + "additionalProperties": false +} \ No newline at end of file