diff --git a/docs/metadata.md b/docs/metadata.md
index 7cc52d6..155511a 100644
--- a/docs/metadata.md
+++ b/docs/metadata.md
@@ -74,6 +74,14 @@ We encourage agencies to contribute by [submitting an agency schema addition iss
| Name of the project or software |
|
+
+ | version |
+ optional |
+ πΊπΈ |
+ str |
+ The version for this release |
+ |
+
| description |
required |
@@ -169,6 +177,38 @@ We encourage agencies to contribute by [submitting an agency schema addition iss
- private
+
+ | homepageURL |
+ optional |
+ πΊπΈ |
+ str |
+ The URL of the public release homepage |
+ |
+
+
+ | downloadURL |
+ optional |
+ πΊπΈ |
+ str |
+ The URL where a distribution of the release can be found |
+ |
+
+
+ | disclaimerURL |
+ optional |
+ πΊπΈ |
+ str |
+ The URL where disclaimer language regarding the release can be found |
+ |
+
+
+ | disclaimerText |
+ optional |
+ πΊπΈ |
+ str |
+ Short paragraph that includes disclaimer language to accompany the release |
+ |
+
| vcs |
required |
@@ -199,6 +239,14 @@ We encourage agencies to contribute by [submitting an agency schema addition iss
Measures frequency of code reuse in various forms |
|
+
+ | languages |
+ required |
+ πΊπΈ |
+ arr |
+ Programming languages that make up the codebase |
+ |
+
| maintenance |
required |
@@ -220,6 +268,44 @@ We encourage agencies to contribute by [submitting an agency schema addition iss
Contract number |
|
+
+ | SBOM |
+ required |
+ πΊπΈ |
+ str |
+ Link of the upstream repositories and dependencies used, in the form of a Software Bill of Materials/SBOM. If the software does not have a SBOM, enter 'None'. (i.e. Github provides an SBOM: https://github.com/$ORG_NAME/$REPO_NAME/network/dependencies) |
+ |
+
+
+ relatedCode/name
relatedCode/URL
relatedCode/isGovernmentRepo |
+ optional |
+ πΊπΈ |
+ obj |
+ An array of affiliated government repositories that may be a part of the same project |
+ relatedCode for 'code-gov-front-end' would include 'code-gov-api' and 'code-gov-api-client' |
+
+
+ reusedCode/name
reusedCode/URL |
+ optional |
+ πΊπΈ |
+ obj |
+ An array of government source code, libraries, frameworks, APIs, platforms or other software used in this release |
+
+ - US Web Design Standards
+ - cloud.gov
+ - Federalist
+ - Digital Services Playbook
+ - Analytics Reporter
+ |
+
+
+ partners/name
partners/email |
+ optional |
+ πΊπΈ |
+ obj |
+ An array of objects including an acronym for each agency partnering on the release and the contact email at such agency |
+ |
+
date/created
date/lastModified date/metadataLastUpdated |
required |
@@ -324,6 +410,14 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
Name of the project or software |
|
+
+ | version |
+ optional |
+ πΊπΈ |
+ str |
+ The version for this release |
+ |
+
| description |
required |
@@ -415,14 +509,6 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
The URL of the public release repository for open source repositories. This field is not required for repositories that are only available as government-wide reuse or are closed (pursuant to one of the exemptions). It can be listed as 'private' for repositories that are closed. |
|
-
- | projectURL |
- optional |
-  |
- str |
- URL to landing page, demo, or production instance of project |
- |
-
| repositoryHost |
required |
@@ -448,6 +534,38 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
- public
- private
+
+
+ | homepageURL |
+ optional |
+ πΊπΈ |
+ str |
+ The URL of the public release homepage |
+ |
+
+
+ | downloadURL |
+ optional |
+ πΊπΈ |
+ str |
+ The URL where a distribution of the release can be found |
+ |
+
+
+ | disclaimerURL |
+ optional |
+ πΊπΈ |
+ str |
+ The URL where disclaimer language regarding the release can be found |
+ |
+
+
+ | disclaimerText |
+ optional |
+ πΊπΈ |
+ str |
+ Short paragraph that includes disclaimer language to accompany the release |
+ |
| vcs |
@@ -542,7 +660,7 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
- none
-
+
| contractNumber |
required |
π |
@@ -550,6 +668,44 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
Contract number |
|
+
+ | SBOM |
+ required |
+ πΊπΈ |
+ str |
+ Link of the upstream repositories and dependencies used, in the form of a Software Bill of Materials/SBOM. If the software does not have a SBOM, enter 'None'. (i.e. Github provides an SBOM: https://github.com/$ORG_NAME/$REPO_NAME/network/dependencies) |
+ |
+
+
+ relatedCode/name
relatedCode/URL
relatedCode/isGovernmentRepo |
+ optional |
+ πΊπΈ |
+ obj |
+ An array of affiliated government repositories that may be a part of the same project |
+ relatedCode for 'code-gov-front-end' would include 'code-gov-api' and 'code-gov-api-client' |
+
+
+ reusedCode/name
reusedCode/URL |
+ optional |
+ πΊπΈ |
+ obj |
+ An array of government source code, libraries, frameworks, APIs, platforms or other software used in this release |
+
+ - US Web Design Standards
+ - cloud.gov
+ - Federalist
+ - Digital Services Playbook
+ - Analytics Reporter
+ |
+
+
+ partners/name
partners/email |
+ optional |
+ πΊπΈ |
+ obj |
+ An array of objects including an acronym for each agency partnering on the release and the contact email at such agency |
+ |
+
date/created
date/lastModified date/metadataLastUpdated |
required |
@@ -653,7 +809,7 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
|
- | project |
+ projects |
required |
|
arr |
@@ -669,14 +825,6 @@ Full schema can be found in [schema-2.0.0.json](../schemas/schema-2.0.0.json).
IDR, PECOS |
- | upstream |
- optional |
- |
- arr |
- Link of the upstream repositories and dependencies used, in the form of a Software Bill of Materials/SBOM (https://github.com/$ORG_NAME/$REPO_NAME/network/dependencies) |
- augur, uswds |
-
-
| subsetInHealthcare |
required |
|
diff --git a/docs/procedures.md b/docs/procedures.md
index 1ec57b9..617dae2 100644
--- a/docs/procedures.md
+++ b/docs/procedures.md
@@ -5,15 +5,21 @@ The CMS Open Source Program Office developed various tools that can automate det
> **Learn more about our SHARE IT Act tools**: https://dsacms.github.io/share-it-act-lp/
**Procedures for Project Teams**:
+
[Creating a code.json file in your repository](#creating-a-codejson-file-in-your-repository)
- [code.json generator form site](#using-form-site)
- [automated-codejson-generator GitHub Action](#using-automated-codejson-generator)
- [repo-scaffolder](#using-repo-scaffolder)
-***Procedures for Agencies**:
+**Procedures for Agencies**:
+
[Generate an agency-index.json file for submission](#generate-an-agency-indexjson-file-for-agencies)
- [codejson-index-generator](#using-codejson-index-generator)
+[Tools created by other teams and agencies](#tools-created-by-other-teams-and-agencies)
+- [CMS CMCS](#cms-cmcs-codejson-aggregator)
+- [CDC](#cdc-share-it-act-repository-scanner-tool)
+
## Creating a code.json file in your repository
@@ -23,7 +29,6 @@ The CMS Open Source Program Office developed various tools that can automate det
Users can fill out a web form that creates a code.json file to be uploaded to a project's source code repository: https://dsacms.github.io/codejson-generator.
-
### Using automated-codejson-generator
*This method works best for repositories hosted on GitHub with GitHub Actions enabled.*
@@ -143,3 +148,18 @@ python main.py --agency AGENCY_NAME --orgs "org1,org2" --output code.json --vers
```bash
python3 main.py --agency CMS --orgs "DSACMS,CMSgov,CMS-Enterprise" --output code.json --version 1.0.0
```
+
+## Tools created by other teams and agencies
+
+Below are tools other teams and agencies developed to create a consolidated software inventory for the SHARE IT Act. They include methods to retrieve necessary metadata from private and internal repositories.
+
+### CMS CMCS code.json aggregator
+
+mac-fc-aggregate-codejson aggregates code.json files from all private and internal repositories in a GitHub organization.
+https://github.com/Enterprise-CMCS/mac-fc-aggregate-code-json
+
+## CDC SHARE IT Act Repository Scanner Tool
+
+The CDC SHARE IT Act Repository Scanner Tool gathers and consolidates repository metadata from various code environments by generating code.json files in all repositories, having project teams review and correct information for accuracy, then creating an index file containing all aggregated code.json metadata.
+- https://github.com/CDCgov/ShareIT-Act
+- https://github.com/OCIO-ricky/ShareITAct_RepoScanning