From 61e69e7f4c1a0259c43ae05b5be2919abee65dd4 Mon Sep 17 00:00:00 2001 From: Natalia Luzuriaga Date: Tue, 13 May 2025 15:12:14 -0700 Subject: [PATCH 1/7] Wrote docs on generic schema and extending schema for agency use Signed-off-by: Natalia Luzuriaga --- docs/metadata.md | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/docs/metadata.md b/docs/metadata.md index 6fd1c4f..0bc47a0 100644 --- a/docs/metadata.md +++ b/docs/metadata.md @@ -1,14 +1,23 @@ # Code.json -CMS `code.json` is a metadata standard created to collect information on the agency's software projects. This is composed of: +`code.json` is a metadata standard created to collect information on the agency's software projects. This is composed of: - federal code.json standard, created as part of [M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) -- metadata CMS would like to collect (e.g. FISMA level, repository host, group) - required metadata outlined in the [SHARE IT ACT](https://www.congress.gov/bill/118th-congress/house-bill/9566/text/ih) (e.g. repository visibility, contract number) - publiccode.yml metadata, an international metadata standard By harmonizing various standards, this opens up the opportunity to share our work not just on an agency level but also on a national and international level. +The generic code.json schema can be found in the [`schemas` directory](../schemas/schema.1.0.0.json). + +### Extending the schema for agency use + +The generic schema is designed to be extensible, allowing agencies to add metadata fields that are relevant to their specific needs. + +For example, CMS has their [own schema](../schemas/cms/) that includes new fields such as FISMA level, subset in healthcare, and systems. + +We encourage agencies to contribute by submitting a pull request to [include their extended schema in the repository](../schemas). This helps foster collaboration and ensures shared improvements benefit the wider community. + ### Fields **Legend** @@ -443,4 +452,4 @@ Full schema can be found in [schema-0.1.0.json](../schemas/schema-0.1.0.json). ### Adding new metadata fields -We are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). +For CMS, we are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). From 8844d49364ad58e33d0e87960c775743e77112d6 Mon Sep 17 00:00:00 2001 From: Natalia Luzuriaga Date: Tue, 13 May 2025 15:12:35 -0700 Subject: [PATCH 2/7] Updated CONTRIBUTING and README.md by removing mentions of CMS Signed-off-by: Natalia Luzuriaga --- CONTRIBUTING.md | 10 ++++++---- README.md | 14 +++++++------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 4abab1b..03068db 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -13,7 +13,9 @@ We encourage you to read this project's CONTRIBUTING policy (you are here), its If you would like to comment and provide feedback on the metadata standard, please let us know by filing an **issue on our GitHub repository.** -We are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). +We encourage agencies to contribute by submitting a pull request to [include their extended schema in the repository](../schemas). This helps foster collaboration and ensures shared improvements benefit the wider community. + +For CMS, we are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). ### Team Specific Guidelines @@ -52,7 +54,7 @@ N/A If you would like to comment on the metadata standard, please let us know by filing an **issue on our GitHub repository.** -We are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). +For CMS, we are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). ### Writing Pull Requests @@ -102,7 +104,7 @@ Pull requests will be reviewed by the CMS Open Source Program Office team as det ## Documentation -Refer to [/docs](./docs/) for information about CMS code.json metadata standard. +Refer to [/docs](./docs/) for information about code.json metadata standard. ## Policies @@ -122,4 +124,4 @@ For more information about our Security, Vulnerability, and Responsible Disclosu This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the [CC0 1.0 Universal public domain dedication](https://creativecommons.org/publicdomain/zero/1.0/). -All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest. +All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest. \ No newline at end of file diff --git a/README.md b/README.md index 720ef2c..03dae57 100644 --- a/README.md +++ b/README.md @@ -1,15 +1,15 @@ # gov-codejson -CMS code.json: An agency-wide metadata standard for software projects +code.json: An agency-wide metadata standard for software projects ## About the Project -This repository contains documentation on CMS code.json, a metadata standard used to collect information on the agency's software projects in compliance with [M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) and the [SHARE IT Act](https://www.congress.gov/bill/118th-congress/house-bill/9566/text/ih). +This repository contains documentation on code.json, a metadata standard used to collect information on the agency's software projects in compliance with [M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) and the [SHARE IT Act](https://www.congress.gov/bill/118th-congress/house-bill/9566/text/ih). -- [metadata.md](./docs/metadata.md): Overview on CMS code.json metadata standard -- [schemas](./schemas): code.json schema +- [metadata.md](./docs/metadata.md): Overview on code.json metadata standard +- [schemas](./schemas): code.json generic schema and agency-level schemas - [procedures.md](./docs/procedures.md): Procedures and tools on creating and updating metadata -- [examples.md](./docs/metadata_examples.md): Good examples of metadata in current agency code.json files +- [examples.md](./docs/examples.md): Good examples of metadata in current agency code.json files - [faq.md](./docs/faq.md): Frequently Asked Questions ### Project Vision @@ -112,7 +112,7 @@ Information about how the gov-codejson community is governed may be found in [GO If you would like to comment on the metadata standard, please let us know by filing an **issue on our GitHub repository.** -We are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). +We are open to adding more CMS fields to code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). If you have ideas for how we can improve or add to our capacity building efforts and methods for welcoming people into our community, please let us know at opensource@cms.hhs.gov. @@ -142,4 +142,4 @@ For more information and resources about SBOMs, visit: https://www.cisa.gov/sbom This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the [CC0 1.0 Universal public domain dedication](https://creativecommons.org/publicdomain/zero/1.0/) as indicated in [LICENSE](LICENSE). -All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest. +All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest. \ No newline at end of file From b0a47edda2717665c34edc837da3d59e38d0bfe2 Mon Sep 17 00:00:00 2001 From: Natalia Luzuriaga Date: Tue, 13 May 2025 15:12:47 -0700 Subject: [PATCH 3/7] Removed mentions of CMS in code.json Signed-off-by: Natalia Luzuriaga --- code.json | 36 +++++++++++++++++++++++++++--------- 1 file changed, 27 insertions(+), 9 deletions(-) diff --git a/code.json b/code.json index 80511d3..54fbaea 100644 --- a/code.json +++ b/code.json @@ -1,7 +1,7 @@ { "name": "gov-codejson", - "description": "CMS code.json: An agency-wide metadata standard for software projects", - "longDescription": "This repository contains documentation on CMS code.json, a metadata standard used to collect information on the agency's software projects in compliance with M-16-21 and the SHARE IT Act.", + "description": "code.json: An agency-wide metadata standard for software projects", + "longDescription": "This repository contains documentation on code.json, a metadata standard used to collect information on the agency's software projects in compliance with M-16-21 and the SHARE IT Act.", "status": "Production", "permissions": { "license": [ @@ -17,17 +17,31 @@ "repositoryURL": "https://github.com/DSACMS/gov-codejson", "vcs": "git", "laborHours": 3479, - "platforms": ["web"], - "categories": ["knowledge-management", "help-desk"], + "platforms": [ + "web" + ], + "categories": [ + "knowledge-management", + "help-desk" + ], "softwareType": "standalone/web", - "languages": ["Markdown"], + "languages": [ + "Markdown" + ], "maintenance": "internal", "date": { "created": "2025-02-04T21:59:53Z", "lastModified": "2025-02-11T18:45:30Z", "metaDataLastUpdated": "2025-02-11T18:47:02.924Z" }, - "tags": ["guide", "codejson", "OSPO", "metadata", "SHAREIT", "M-16-21"], + "tags": [ + "guide", + "codejson", + "OSPO", + "metadata", + "SHAREIT", + "M-16-21" + ], "contact": { "email": "opensource@cms.hhs.gov", "name": "CMS Open Source Team" @@ -37,8 +51,12 @@ "userInput": false, "fismaLevel": "Low", "group": "CMS/OA/DSAC", - "subsetInHealthcare": ["Operational"], - "userType": ["Government"], + "subsetInHealthcare": [ + "Operational" + ], + "userType": [ + "Government" + ], "repositoryHost": "github.com/DSACMS", "maturityModelTier": 3 -} +} \ No newline at end of file From b24a0c903e7ab97073411ee6bdea4b567e3e5862 Mon Sep 17 00:00:00 2001 From: Natalia Luzuriaga Date: Tue, 13 May 2025 15:13:33 -0700 Subject: [PATCH 4/7] Updated links and added extending schema question to FAQ Signed-off-by: Natalia Luzuriaga --- docs/faq.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/faq.md b/docs/faq.md index 160eef0..60de36b 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -52,8 +52,14 @@ By collecting metadata on every software project, this allows the agency to buil ### Is code.json mandatory for all repositories? -Yes. As per M-16-21 and the SHARE IT Act, agencies are required to publish metadata on all custom-developed code after August 8th 2016, which is not subject to exemptions (see: Sec 6 of [M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf) and SHARE IT ACT exemptions) +Yes. As per M-16-21, agencies are required to publish metadata on all custom-developed code after August 8th 2016, which is not subject to exemptions (see: Sec 6 of M-16-21 and + +As per the SHARE IT Act, agencies are required to publish metadata on all custom-developed code after July 22, 2025, which is not subject to exemptions (see: [SHARE IT ACT exemptions](https://www.congress.gov/118/plaws/publ187/PLAW-118publ187.pdf)). ### I have feedback on additions and improvements to the code.json metadata standard. Where can I share this? We are open to adding more fields to CMS code.json for any metadata the agency sees value in collecting. Request new metadata fields by filing a metadata field addition issue [here](https://github.com/DSACMS/gov-codejson/issues/new?template=metadata-field-addition.md). + +### My agency extended the code.json schema to add more metadata fields. Where can I share this? + +We encourage agencies to contribute by submitting a pull request to [include their extended schema in the repository](../schemas). This helps foster collaboration and ensures shared improvements benefit the wider community. \ No newline at end of file From 1c1d683c04e0e5e23af949c5819c6a8bb1ae165c Mon Sep 17 00:00:00 2001 From: Natalia Luzuriaga Date: Tue, 13 May 2025 15:18:03 -0700 Subject: [PATCH 5/7] Added generic schema and moved cms schemas to own dir Signed-off-by: Natalia Luzuriaga --- schemas/{ => cms}/schema-0.0.0.json | 0 schemas/cms/schema-0.1.0.json | 405 ++++++++++++++++++++++++++++ schemas/schema-0.1.0.json | 118 +------- 3 files changed, 409 insertions(+), 114 deletions(-) rename schemas/{ => cms}/schema-0.0.0.json (100%) create mode 100644 schemas/cms/schema-0.1.0.json diff --git a/schemas/schema-0.0.0.json b/schemas/cms/schema-0.0.0.json similarity index 100% rename from schemas/schema-0.0.0.json rename to schemas/cms/schema-0.0.0.json diff --git a/schemas/cms/schema-0.1.0.json b/schemas/cms/schema-0.1.0.json new file mode 100644 index 0000000..ee744ee --- /dev/null +++ b/schemas/cms/schema-0.1.0.json @@ -0,0 +1,405 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "CMS Code.json Metadata", + "description": "A metadata standard for software repositories of CMS", + "type": "object", + "properties": { + "items": { + "name": { + "type": "string", + "description": "Name of the project or software" + }, + "description": { + "type": "string", + "description": "A short description of the project. It should be a single line containing a single sentence. Maximum 150 characters are allowed.", + "maxLength": 150 + }, + "longDescription": { + "type": "string", + "description": "Provide longer description of the software, between 150 and 10000 chars. It is meant to provide an overview of the capabilities of the software for a potential user.", + "minLength": 150, + "maxLength": 10000 + }, + "status": { + "type": "string", + "enum": [ + "Ideation", + "Development", + "Alpha", + "Beta", + "Release Candidate", + "Production", + "Archival" + ], + "description": "Development status of the project" + }, + "permissions": { + "type": "object", + "description": "An object containing description of the usage/restrictions regarding the release", + "properties": { + "licenses": { + "type": "array", + "description": "License(s) for the release", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "enum": [ + "CC0-1.0", + "Apache-2.0", + "MIT", + "MPL-2.0", + "GPL-2.0-only", + "GPL-3.0-only", + "GPL-3.0-or-later", + "LGPL-2.1-only", + "LGPL-3.0-only", + "BSD-2-Clause", + "BSD-3-Clause", + "EPL-2.0", + "Other", + "None" + ], + "description": "An abbreviation for the name of the license" + }, + "URL": { + "type": "string", + "format": "uri", + "description": "The URL of the release license in the repository" + } + }, + "required": [ + "name", + "URL" + ] + } + }, + "usageType": { + "type": "string", + "description": "A list of enumerated values which describes the usage permissions for the release: (1) openSource: Open source; (2) governmentWideReuse: Government-wide reuse; (3) exemptByLaw: The sharing of the source code is restricted by law or regulation, including—but not limited to—patent or intellectual property law, the Export Asset Regulations, the International Traffic in Arms Regulation, and the Federal laws and regulations governing classified information; (4) exemptByNationalSecurity: The sharing of the source code would create an identifiable risk to the detriment of national security, confidentiality of Government information, or individual privacy; (5) exemptByAgencySystem: The sharing of the source code would create an identifiable risk to the stability, security, or integrity of the agency’s systems or personnel, (6) exemptByAgencyMission: The sharing of the source code would create an identifiable risk to agency mission, programs, or operations; (7) exemptByCIO: The CIO believes it is in the national interest to exempt sharing the source code; (8) exemptByPolicyDate: The release was created prior to the M-16-21 policy (August 8, 2016)", + "enum": [ + "openSource", + "governmentWideReuse", + "exemptByLaw", + "exemptByNationalSecurity", + "exemptByAgencySystem", + "exemptByAgencyMission", + "exemptByCIO", + "exemptByPolicyDate" + ], + "additionalProperties": false + }, + "exemptionText": { + "type": [ + "string", + "null" + ], + "description": "If an exemption is listed in the 'usageType' field, this field should include a one- or two- sentence justification for the exemption used." + } + }, + "additionalProperties": false, + "required": [ + "licenses", + "usageType" + ] + }, + "organization": { + "type": "string", + "description": "Organization responsible for the project", + "enum": [ + "Centers for Medicare & Medicaid Services" + ] + }, + "repositoryURL": { + "type": "string", + "format": "uri", + "description": "The URL of the public release repository for open source repositories. This field is not required for repositories that are only available as government-wide reuse or are closed (pursuant to one of the exemptions)." + }, + "projectURL": { + "type": "string", + "format": "uri", + "description": "URL to landing page, demo, or production instance of project" + }, + "repositoryHost": { + "type": "string", + "description": "Location where source code is hosted", + "enum": [ + "github.com/CMSgov", + "github.com/CMS-Enterprise", + "github.com/DSACMS", + "github.cms.gov", + "CCSQ GitHub" + ] + }, + "repositoryVisibility": { + "type": "string", + "enum": [ + "public", + "private" + ], + "description": "Visibility of repository" + }, + "vcs": { + "type": "string", + "description": "Version control system used", + "enum": [ + "git", + "hg", + "svn", + "rcs", + "bzr" + ] + }, + "laborHours": { + "type": "number", + "description": "Labor hours invested in the project. Calculated using COCOMO measured by the SCC tool: https://github.com/boyter/scc?tab=readme-ov-file#cocomo" + }, + "reuseFrequency": { + "type": "object", + "description": "Measures frequency of code reuse in various forms. (e.g. forks, downloads, clones)", + "properties": { + "forks": { + "type": "integer" + }, + "clones": { + "type": "integer" + } + }, + "additionalProperties": true + }, + "platforms": { + "type": "array", + "description": "Platforms supported by the project", + "items": { + "type": "string", + "enum": [ + "web", + "windows", + "mac", + "linux", + "ios", + "android", + "other" + ] + } + }, + "categories": { + "type": "array", + "description": "Categories the project belongs to. Select from: https://yml.publiccode.tools/categories-list.html", + "items": { + "type": "string" + } + }, + "softwareType": { + "type": "string", + "description": "Type of software", + "enum": [ + "standalone/mobile", + "standalone/iot", + "standalone/desktop", + "standalone/web", + "standalone/backend", + "standalone/other", + "addon", + "library", + "configurationFiles" + ] + }, + "languages": { + "type": "array", + "description": "Programming languages that make up the codebase", + "items": { + "type": "string" + } + }, + "maintenance": { + "type": "string", + "description": "The dedicated staff that keeps the software up-to-date, if any", + "enum": [ + "internal", + "contract", + "community", + "none" + ] + }, + "contractNumber": { + "type": "string", + "description": "Contract number" + }, + "date": { + "type": "object", + "description": "A date object describing the release", + "properties": { + "created": { + "type": "string", + "format": "date-time", + "description": "Creation date of project." + }, + "lastModified": { + "type": "string", + "format": "date-time", + "description": "Date when the project was last modified" + }, + "metaDataLastUpdated": { + "type": "string", + "format": "date-time", + "description": "Date when metadata was last updated" + } + } + }, + "tags": { + "type": "array", + "description": "Topics and keywords associated with the project to improve search and discoverability", + "items": { + "type": "string" + } + }, + "contact": { + "type": "object", + "description": "Point of contact for the release", + "properties": { + "email": { + "type": "string", + "format": "email", + "description": "Email address of the point of contact" + }, + "name": { + "type": "string", + "description": "Name of the point of contact" + } + } + }, + "feedbackMechanisms": { + "type": "array", + "description": "Methods a repository receives feedback from the community. Default value is the URL to GitHub repository issues page.", + "items": { + "type": "string" + } + }, + "localisation": { + "type": "boolean", + "description": "Indicates if the project supports multiple languages" + }, + "repositoryType": { + "type": "string", + "description": "Purpose and functionality of the repository", + "enum": [ + "package", + "website", + "standards", + "libraries", + "data", + "application", + "tools", + "APIs" + ] + }, + "userInput": { + "type": "boolean", + "description": "Does the software accept user input?" + }, + "fismaLevel": { + "type": "string", + "description": "Level of security categorization assigned to an information system under the Federal Information Security Modernization Act (FISMA): https://security.cms.gov/learn/federal-information-security-modernization-act-fisma", + "enum": [ + "Low", + "Moderate", + "High" + ] + }, + "group": { + "type": "string", + "description": "Home Department / Org / Group associated with the project" + }, + "projects": { + "type": "array", + "description": "Project(s) that is associated or related to the repository, if any (e.g. Bluebutton, MPSM)", + "items": { + "type": "string" + } + }, + "systems": { + "type": "array", + "description": "CMS systems that the repository interfaces with or depends on, if any (e.g. IDR, PECOS)", + "items": { + "type": "string" + } + }, + "upstream": { + "type": "string", + "description": "Link of the upstream repositories and dependencies used, in the form of a Software Bill of Materials/SBOM (https://github.com/$ORG_NAME/$REPO_NAME/network/dependencies)" + }, + "subsetInHealthcare": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "Policy", + "Operational", + "Medicare", + "Medicaid" + ] + }, + "description": "Healthcare-related subset" + }, + "userType": { + "type": "array", + "items": { + "type": "string", + "enum": [ + "Providers", + "Patients", + "Government" + ] + }, + "description": "Types of users who interact with the software" + }, + "maturityModelTier": { + "type": "integer", + "enum": [ + 0, + 1, + 2, + 3, + 4 + ], + "description": "Maturity model tier according to the CMS Open Source Repository Maturity Model Framework: https://github.com/DSACMS/repo-scaffolder/blob/main/maturity-model-tiers.md" + } + } + }, + "required": [ + "name", + "description", + "longDescription", + "status", + "permissions", + "organization", + "repositoryURL", + "repositoryHost", + "repositoryVisibility", + "vcs", + "laborHours", + "reuseFrequency", + "platforms", + "categories", + "softwareType", + "languages", + "maintenance", + "contractNumber", + "date", + "tags", + "contact", + "feedbackMechanisms", + "localisation", + "repositoryType", + "userInput", + "fismaLevel", + "group", + "projects", + "subsetInHealthcare", + "userType", + "maturityModelTier" + ], + "additionalProperties": false +} diff --git a/schemas/schema-0.1.0.json b/schemas/schema-0.1.0.json index ee744ee..84970e0 100644 --- a/schemas/schema-0.1.0.json +++ b/schemas/schema-0.1.0.json @@ -1,7 +1,7 @@ { "$schema": "http://json-schema.org/draft-04/schema#", - "title": "CMS Code.json Metadata", - "description": "A metadata standard for software repositories of CMS", + "title": "code.json metadata", + "description": "A metadata standard for software repositories", "type": "object", "properties": { "items": { @@ -116,22 +116,6 @@ "format": "uri", "description": "The URL of the public release repository for open source repositories. This field is not required for repositories that are only available as government-wide reuse or are closed (pursuant to one of the exemptions)." }, - "projectURL": { - "type": "string", - "format": "uri", - "description": "URL to landing page, demo, or production instance of project" - }, - "repositoryHost": { - "type": "string", - "description": "Location where source code is hosted", - "enum": [ - "github.com/CMSgov", - "github.com/CMS-Enterprise", - "github.com/DSACMS", - "github.cms.gov", - "CCSQ GitHub" - ] - }, "repositoryVisibility": { "type": "string", "enum": [ @@ -280,91 +264,6 @@ "localisation": { "type": "boolean", "description": "Indicates if the project supports multiple languages" - }, - "repositoryType": { - "type": "string", - "description": "Purpose and functionality of the repository", - "enum": [ - "package", - "website", - "standards", - "libraries", - "data", - "application", - "tools", - "APIs" - ] - }, - "userInput": { - "type": "boolean", - "description": "Does the software accept user input?" - }, - "fismaLevel": { - "type": "string", - "description": "Level of security categorization assigned to an information system under the Federal Information Security Modernization Act (FISMA): https://security.cms.gov/learn/federal-information-security-modernization-act-fisma", - "enum": [ - "Low", - "Moderate", - "High" - ] - }, - "group": { - "type": "string", - "description": "Home Department / Org / Group associated with the project" - }, - "projects": { - "type": "array", - "description": "Project(s) that is associated or related to the repository, if any (e.g. Bluebutton, MPSM)", - "items": { - "type": "string" - } - }, - "systems": { - "type": "array", - "description": "CMS systems that the repository interfaces with or depends on, if any (e.g. IDR, PECOS)", - "items": { - "type": "string" - } - }, - "upstream": { - "type": "string", - "description": "Link of the upstream repositories and dependencies used, in the form of a Software Bill of Materials/SBOM (https://github.com/$ORG_NAME/$REPO_NAME/network/dependencies)" - }, - "subsetInHealthcare": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "Policy", - "Operational", - "Medicare", - "Medicaid" - ] - }, - "description": "Healthcare-related subset" - }, - "userType": { - "type": "array", - "items": { - "type": "string", - "enum": [ - "Providers", - "Patients", - "Government" - ] - }, - "description": "Types of users who interact with the software" - }, - "maturityModelTier": { - "type": "integer", - "enum": [ - 0, - 1, - 2, - 3, - 4 - ], - "description": "Maturity model tier according to the CMS Open Source Repository Maturity Model Framework: https://github.com/DSACMS/repo-scaffolder/blob/main/maturity-model-tiers.md" } } }, @@ -376,7 +275,6 @@ "permissions", "organization", "repositoryURL", - "repositoryHost", "repositoryVisibility", "vcs", "laborHours", @@ -391,15 +289,7 @@ "tags", "contact", "feedbackMechanisms", - "localisation", - "repositoryType", - "userInput", - "fismaLevel", - "group", - "projects", - "subsetInHealthcare", - "userType", - "maturityModelTier" + "localisation" ], "additionalProperties": false -} +} \ No newline at end of file From 72150ef7b97fd02b4c02be867c702d3f73fdb7fd Mon Sep 17 00:00:00 2001 From: Natalia Luzuriaga Date: Thu, 15 May 2025 10:54:35 -0700 Subject: [PATCH 6/7] Fixed typo in faq.md Signed-off-by: Natalia Luzuriaga --- docs/faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq.md b/docs/faq.md index 60de36b..2498593 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -52,7 +52,7 @@ By collecting metadata on every software project, this allows the agency to buil ### Is code.json mandatory for all repositories? -Yes. As per M-16-21, agencies are required to publish metadata on all custom-developed code after August 8th 2016, which is not subject to exemptions (see: Sec 6 of M-16-21 and +Yes. As per M-16-21, agencies are required to publish metadata on all custom-developed code after August 8th 2016, which is not subject to exemptions (see: Sec 6 of [M-16-21](https://obamawhitehouse.archives.gov/sites/default/files/omb/memoranda/2016/m_16_21.pdf)). As per the SHARE IT Act, agencies are required to publish metadata on all custom-developed code after July 22, 2025, which is not subject to exemptions (see: [SHARE IT ACT exemptions](https://www.congress.gov/118/plaws/publ187/PLAW-118publ187.pdf)). From 2a5403d749f16b9351f0a28046e303f52914d191 Mon Sep 17 00:00:00 2001 From: Natalia Luzuriaga Date: Thu, 15 May 2025 10:56:13 -0700 Subject: [PATCH 7/7] Update version number of generic schema Signed-off-by: Natalia Luzuriaga --- schemas/{schema-0.1.0.json => schema-1.0.0.json} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename schemas/{schema-0.1.0.json => schema-1.0.0.json} (100%) diff --git a/schemas/schema-0.1.0.json b/schemas/schema-1.0.0.json similarity index 100% rename from schemas/schema-0.1.0.json rename to schemas/schema-1.0.0.json