3.a.0 Administrative Security Review

This issue documents the Administrative Security Review performed against the main branch of the nshm-alaska project for a provisional release.

Below is a summary of the various components I've reviewed - those with checkmarks indicate that I found no admin/security issues and nothing needs to be resolved, or that any issues I flagged have since been resolved. Those currently un-checked indicate outstanding issues that need to be addressed or resolved.

• ReadMe - Initial review complete with several issues that need to be addressed
• Disclaimer - Review complete with no issues
• License - Initial review complete with no issues - links to USGS copyright policy and creative commons license language work.
• Metadata (code.json) - code.json has all necessary metadata fields
• Security review for absolute paths/personal data
  • Files - no sign of personally identifiable information, absolute paths, internal server host names, or IP addresses
  • Commit list - no sign of personally identifiable information, absolute paths, internal server host names, or IP addresses
• Numerous ReadMe files within the source subdirectories that seem to serve as internal notetaking/coordination, rather than user documentation.

changed the description

mentioned in merge request !16 (closed)

changed title from 3.0.0 Administrative Security Review to 3.a.0 Administrative Security Review

changed the description

changed the description

assigned to @amakdisi

README.md

• TBD entries should be resolved for the Model Notes, Model Documentation, and Suggested Citation fields.
• Per the software release checklist guide, the README.md should include links to additional detailed information such as the disclaimer statement and license information, which are currently missing here.
• The file names under the Site Files section should be updated from e.g. map-alaska.geojson to map.geojson and so on for the rest of the map and site files in the root directory.

fixed filenames in README in commit b136cfea

TBD entries in README will be populated as the 2023 model is finalized

Having failed to find an example README on code.usgs.gov that satisfies this checklist suggestion, and to remain consistent with other NSHM READMEs, I'm leaving links to the license and disclaimer out for now.

See #7 (closed)

Looks and sounds good to me, closing out my review of the ReadMe file.

marked the checklist item ReadMe as completed

marked the checklist item Disclaimer as completed

changed the description

marked the checklist item License - Initial review complete with no issues - links to USGS copyright policy and creative commons license language work. as completed

marked the checklist item Metadata (code.json) as completed

changed the description

marked the checklist item Metadata (code.json) - code.json has all necessary metadata fields as completed

marked the checklist item Commit list as completed

changed the description

Contributing.md

• Link directing users to repository issue page (https://code.usgs.gov/ghsc/nshmp/nshm-alaska/-/issues) returns a 404

fixed link to project issues page in commit eb0265c4