David A. Wheeler
[Update to Rails 6](https://edgeguides.rubyonrails.org/upgrading_ruby_on_rails.html#upgrading-from-rails-5-2-to-rails-6-0). I don't see the new functionality being something we want to jump to. Rails 6 adds the Trix editor, but it can't handle Markdown (and there's...
When reviewing performance I noticed that we're requesting a /cci-logo-header that isn't even available (we reply with a 404). On non-first-time views this takes a significant part of the total...
Review the NIST document "[Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)](https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04232020.pdf)" to see if new criteria should be created (or existing criteria tweaked)...
Consider adding https://diffend.io (e.g., during test). They want you to run a random curl script, not my favorite, but that seems to be a one-time activity.
We occasionally have *massive* increases in memory use. I tracked one down today at 14:00, and found that it was a simple "show" of a user, specifically: https://bestpractices.coreinfrastructure.org/en/users/7570 (URL...
We have currently scaled up the BadgeApp by increasing the number of threads, but that has its limits. We should explore using full parallelism to increase the maximum number of...
In the /criteria* pages, if you jump to a named anchor, it jumps to the text but it's hidden under the navigation bar. @jdossett - you fixed this before on...
Many jurisdictions have laws that require certain kinds of data protection for privacy, e.g.: * Europe has the [General Data Protection Regulation (GDPR)](https://gdpr-info.eu). See the official [Complete Guide to GDPR...
Jeffrey Walton (Baltimore, MD, US) posted the following message with subject "Be careful of dynamic assertions". I thought he raised some important points, so I'm posting this as a GitHub...
Now that we have an automation framework, implement a few relatively-easy form entries to automate.