Skip to content

OpenPathfinder/visionBoard

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 
ย 

Repository files navigation

VisionBoard logo with a gold compass emblem and the tagline 'Transforming Data into Actionable Insights' on a black background

VisionBoard

Transforming Data into Actionable insights


This project aims to provide a secure and user-friendly dashboard for managing and monitoring projects under the OpenJS Foundation. It evolves from this proof of concept (POC) and currently we are developing an MVP version (milestone roadmap).

Table of Contents

  1. Motivation
  2. Getting Started
  3. Usage
  4. Database Management
  5. Development
  6. Community Guidelines
  7. License

Motivation

The goal of this project is to streamline the secure management of OpenJS Foundation projects by providing an intuitive dashboard with robust infrastructure support. It emphasizes security, simplicity, and extensibility โœจ

More Context

A few months ago, we started a discussion about the OpenJS Security Collab space initiative ("Security Program Standards") to build a dashboard for monitoring security parameters in our projects (Node.js, Electron, jQuery, Express, etc.). After carefully planning and securing resources, we are now at an exciting point as weโ€™ve recently launched a pilot program with some projects. ๐Ÿš€

So far, weโ€™ve developed this website: https://openjs-security-program-standards.netlify.app/, which is based on the checklist (Google Sheet) and the introductory document (Google Doc) that we compiled during our original research. ๐Ÿ˜„

You can watch this YouTube video for a proper introduction to the Dashboard and website (both Proof of Concept versions) built based on feedback from the Express Security WG and others.

In essence, this tool collects information from multiple sources, evaluates it, transforms it into actionable insights, and uses it to build dashboards, tasks, and alerts at both the foundation and project levels. If you prefer a non-video format, here are the slides and the code repository.

Currently, we are focused on building a solid MVP and onboarding new contributors, aiming to create a great product by the end of this process. ๐Ÿ˜Ž

Engage Now

Yes, we are looking for HELP in many ways! ๐Ÿ˜‡ Letโ€™s collaborate and have fun together. You can find more information in the contributing guide. ๐ŸŒŸ

Another great way to get involved is by participating in the OpenJS Security Collab Space. We hold regular meetings to discuss this initiative and many other exciting topics.

The project includes a technical architecture guide that provides in-depth explanations of various concepts.


Getting Started

Prerequisites

  • Node.js 22 and npm
  • Docker and Docker Compose
  • GitHub token with repo:read access level (not needed for development)

Infrastructure Setup

This project requires a PostgreSQL database and includes an instance of Adminer accessible at http://localhost:8080.

Start Infrastructure

npm run infra:start

Stop Infrastructure

npm run infra:stop

Configuration

Environment Variables

Set the GITHUB_TOKEN environment variable to authenticate with the GitHub API.

Optionally, use a .env file:

GITHUB_TOKEN=your_github_token_here

Then load it using:

node --env-file=.env index.js workflow run --name populate-repos-list

Usage

Projects

Add a new project:

node index.js project add [--name <name>] [--github-urls <urls...>] [--category <category>]

Example:

node index.js project add --name express --github-urls https://github.com/expressjs https://github.com/pillarjs https://github.com/jshttp --category impact

Workflows

Run a workflow:

node index.js workflow run [--name <name>]

List workflows:

node index.js workflow list

Checks

List all checks:

node index.js check list

Run a specific check:

node index.js check run [--name <name>]

There is an specific workflow that runs all the checks sequentially:

node index.js workflow run run-all-checks

Checklist

The checklist are collections of checks. You can list the available list by running:

node index.js checklist list

Run a specific checklist:

node index.js checklist run [--name <name>]

It is possible also to define a project scope:

node index.js checklist run [--name <name>] [--project-scope <name1,name2,...>]

Database Management

Migrations

Run latest migrations:

npm run db:migrate

Rollback migrations:

npm run db:rollback

Seeding

Seed the database:

npm run db:seed

Schema Management

Check the schema:

Refer to the latest schema file at /src/database/schema/schema.sql.

Update the schema:

npm run db:generate-schema

Development

Debugging

Enable debug logs using the DEBUG environment variable:

DEBUG=* node index.js

Linting

Run lint checks:

npm run lint

Fix lint issues:

npm run lint:fix

Testing

Run tests:

npm test

Run tests with coverage:

npm run test:coverage

Update the snapshots when needed:

npm run test -- -u

Community Guidelines

We encourage contributors to adhere to our Code of Conduct and Contributing Guidelines. Security-related concerns should follow our Security Policy.

License

This project is licensed under the MIT License. See the LICENSE file for details.

About

Transforming Data into Actionable Insights

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •