Timo Pagel

Ok. Just added markdown for measure and changed _implementation_ to array. How do we handle the content of _implementation_? Should it be an object or a string? In json, I...

Hi @hectoralicea, that is possible. In case you open source (at least some of) your additions to the model, I will implement that for you. Deal?

Just to mention, I do understand that you want multiple extra fields. Your "implementationApproach" might allign with the existing field "evidence", see https://github.com/wurstbrot/DevSecOps-MaturityModel#usage.

> The even more difficult part will be to be able to edit these new entries from the web app. Can you elaborate more your use case?

See https://github.com/wurstbrot/DevSecOps-MaturityModel/pull/36

What about this workflow which I am having in mind since a while: Every DSOMM-Activity is in a separate file containing an identifier. e.g. ```yaml Building and testing of artifacts...

Not sure if you need a fork, I think about layer container images, placing the _data-customized_ into _/var/www/html_.

Hi @derweiser, I agree that SCA might be a subdimension of _Test and Verfication_. In a maturity model, a subdimension should try to have an activity on each level. In...

1. Great, would you like to create a PR? 2. Compliance is so far not very present in this model, feel free to create a PR with license tests 3....

We discussed this in https://github.com/wurstbrot/DevSecOps-MaturityModel/issues/35 To not only move to single yaml files per action and convert to markdown might be a good idea. Shall we have a call to...