遵循以下最佳实践的项目将能够自愿的自我认证,并显示他们已经实现了核心基础设施计划(OpenSSF)徽章。 显示详细资料
[](https://www.bestpractices.dev/projects/5074)
<a href="https://www.bestpractices.dev/projects/5074"><img src="https://www.bestpractices.dev/projects/5074/badge"></a>
Identity and Access Management System
Yes, we there is 2 codeowner https://gitlab.com/dadangnh/iam/-/blob/master/.gitlab/CODEOWNERS
Yes, please see: https://gitlab.com/dadangnh/iam/-/blob/master/README.md
Will add it
We use gitlab, https://gitlab.com/dadangnh/iam
We use issue tag on Gitlab Issue tp identify this. https://gitlab.com/dadangnh/iam/-/issues
We use Gitlab Account and enforce user to use 2FA
We use 2FA by Google Auth
We use Symfony Coding Standard https://symfony.com/doc/current/contributing/code/standards.html and check it on every merge request
Yes, please see: https://gitlab.com/dadangnh/iam/-/merge_requests
We use docker to make the build easier for everyone, please see: https://gitlab.com/dadangnh/iam/-/blob/master/docker-compose.yml
Please see: https://gitlab.com/dadangnh/iam/-/blob/master/.gitlab-ci.yml
Yes, Please see: https://gitlab.com/dadangnh/iam/-/blob/master/.gitlab-ci.yml
We use Gitlab CI for automated test
Yes, we use the Gitlab CI and it can detect the coverage
Yes, please see the web server config at https://gitlab.com/dadangnh/iam/-/blob/master/docker/caddy/Caddyfile or https://gitlab.com/dadangnh/iam/-/blob/master/docker/nginx/nginx.conf
Found all required security hardening headers. https://gitlab.com/dadangnh/djp-iam/-/security/dashboard
Yes, we use Gitlab review https://gitlab.com/dadangnh/iam/-/security/vulnerability_report
The software generate token for authentication, so the token is encrypted as part of the hardening mechanism. https://gitlab.com/dadangnh/iam/-/security/dashboard
We use Gitlab SAST and DAST for Static Analysis and Dynamic Analysis. Furthermore, we also implement code scanner by deepsource and codacy to improve the safe coding.
We use Gitlab Fuzzing
后退
级别条款。您还可以查看
或
级别条款。