-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'develop' of [email protected]:datasharingframework/dsf.git…
… into develop
- Loading branch information
Showing
9 changed files
with
469 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| --- | ||
| name: Bug Report | ||
| about: Use this template for reporting a bug | ||
| labels: needs triage, bug report | ||
| --- | ||
|
|
||
| <!-- | ||
| Please only report issues here, that are specific to the DSF (core) itself, not with issues regarding your configuration and/or allow lists. Please use the communcation channels of your parent organization, e.g. Zulip / E-Mail in case of the German Medical Informatics Initiative. If you have an issue with a process plugin, please file a report on the respective [repository](https://dsf.dev/stable/maintain/install-plugins.html). | ||
| Do not report a security vulnerablity as an issue. Please use the [security vulnerability reporting procedure](/doc/security-blMoZZq2k7). | ||
| --> | ||
|
|
||
| <!-- IMPORTANT: Please make sure to remove any sensitive information from your logs, descriptions and screenshots! --> | ||
|
|
||
| ### Description | ||
| <!-- A clear and concise description of what the bug is. --> | ||
|
|
||
|
|
||
| ### Effected DSF Version | ||
| <!-- Please list the affected DSF version or versions, e.g.: | ||
| * 1.x.y | ||
| --> | ||
|
|
||
|
|
||
| ### To Reproduce | ||
| <!-- Write a step by step guide and list configuration options necessary to reproduce the behavior, e.g.: | ||
| Configuration: | ||
| * Some option enabled | ||
| * A specific config parameter set to `some value` | ||
| Steps to reproduce the behavior: | ||
| 1. Go to '...' | ||
| 2. Click on '....' | ||
| 3. Scroll down to '....' | ||
| 4. See error | ||
| --> | ||
|
|
||
|
|
||
| ### Expected Behavior | ||
| <!-- A clear and concise description of what you expected to happen. --> | ||
|
|
||
|
|
||
| ### Logs | ||
| <!-- If applicable, add log files excepts for your DSF FHIR server and DSF BPE server. **Please make sure to remove any sensitive data**. Please make sure to include full stack traces. Always provide the relevant parts of the log files included in /opt/fhir/log/fhir.log and /opt/bpe/log/bpe.log (not just the docker compose logs). --> | ||
|
|
||
| *FHIR:* | ||
| ``` | ||
| FHIR log here ... | ||
| ``` | ||
|
|
||
| *BPE:* | ||
| ``` | ||
| BPE log here ... | ||
| ``` | ||
|
|
||
| ### Screenshots | ||
| <!-- If applicable, add screenshots to help explain your problem. --> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| blank_issues_enabled: true | ||
| contact_links: | ||
| - name: Installation Guide | ||
| url: https://dsf.dev/stable/maintain/install | ||
| about: Read how to install the DSF. | ||
| - name: Getting Help | ||
| url: https://github.com/datasharingframework/dsf/discussions | ||
| about: For general questions about the DSF, please use GitHub Discussions. | ||
| - name: MII / NUM Related Questions | ||
| url: https://mii.zulipchat.com/#narrow/stream/392426-Data-Sharing-Framework-.28DSF.29 | ||
| about: For questions about the use of the DSF in the Medical Informatics Initiative (MII) or the Network University Medicine (NUM), please use the channels in the MII Zulipchat. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| --- | ||
| name: Feature Request | ||
| about: Use this template if you want to request a new feature | ||
| labels: needs triage, enhancement | ||
| --- | ||
|
|
||
| <!-- | ||
| Please only report feature requests here, that are specific to the DSF (core) itself. | ||
| If you have a feature requests regarding a process plugin, please file a feature request on the respective [repository](https://dsf.dev/stable/maintain/install-plugins.html). | ||
| --> | ||
| <!-- IMPORTANT: Please make sure to remove any sensitive information from your input! --> | ||
|
|
||
|
|
||
| ### Related Problem | ||
| <!-- Is your feature request related to a problem? Please describe. | ||
| A clear and concise description of the problem . Ex. I'm always frustrated when \[...\] --> | ||
|
|
||
| ### Describe the Solution You’d Like | ||
| <!-- A clear and concise description of what you want to happen. --> | ||
|
|
||
| ### Describe Alternatives You’ve Considered | ||
| <!-- A clear and concise description of any alternative solutions or features you've considered. --> | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| <!-- | ||
| Thanks for sending a pull request! Here are some tips for you: | ||
| 1. If this is your first time, please read our contributor guidelines. | ||
| 2. Ensure you have added or run the appropriate tests for your PR. | ||
| 3. If the PR is unfinished, mark the pull request as draft. | ||
| 4. Be sure to keep the PR description updated to reflect all changes. | ||
| 5. Please write your PR title to summarize what this PR proposes. | ||
| 6. If possible, provide a concise example to reproduce the issue for a faster review. | ||
| --> | ||
|
|
||
| <!-- IMPORTANT: Please make sure to remove any sensitive information from your input! --> | ||
|
|
||
|
|
||
| Closes #issuenumber(s). | ||
|
|
||
| ### Changes | ||
| <!-- | ||
| Please clarify what changes you are proposing. The purpose of this section is to outline the changes and how this PR fixes the issue. | ||
| --> | ||
|
|
||
|
|
||
| ### How Was This Patch Tested? | ||
| <!-- | ||
| If tests were added, say they were added here. Please make sure to add some test cases that check the changes thoroughly including negative and positive cases if possible. | ||
| If it was tested in a different way from regular unit tests, please clarify how you tested step by step, ideally copy and pastetable, so that other reviewers can test and check, and descendants can verify in the future. | ||
| If tests were not added, please describe why they were not added and/or why it was difficult to add. | ||
| --> | ||
| - [ ] Unit tests | ||
| - [ ] Integration tests | ||
| - [ ] Manual executed tests |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| # Contribute | ||
|
|
||
| We are thrilled that you consider contributing to our projects. Your contributions, big or small, are greatly valued and play a significant role in the success and improvement of our work. Whether you're a seasoned developer or just starting out, there's a place for you here to make a meaningful impact. | ||
|
|
||
| ### Ways You Can Contribute | ||
|
|
||
|
|
||
| 1. **Helping Other Users**: | ||
| * **MII Zulip**: If you are part of the German Medical Informatics Initiative, [join the MII Zulip community](https://mii.zulipchat.com/#narrow/stream/392426-Data-Sharing-Framework-.28DSF.29) to assist others, share your knowledge, and learn from fellow contributors. | ||
| * **GitHub Discussions**: Engage with our community in [GitHub Discussions](https://github.com/datasharingframework/dsf/discussions) by answering questions, providing feedback, and sharing your insights. | ||
| 2. **Testing Releases**: | ||
| * **Stay Ahead**: Help us testing the latest releases. Your feedback on functionality, bugs, and user experience is invaluable. | ||
| * **Report Findings**: Share your testing results to help us refine and enhance our releases. | ||
| 3. **Reviewing Changes**: | ||
| * **Peer Review**: Contribute by reviewing pull requests. Your insights can help ensure the quality and integrity of code changes. | ||
| * **Constructive Feedback**: Offer constructive feedback and suggestions to help improve and refine proposed changes. | ||
| 4. **Documentation Changes**: | ||
| * **Improve Documentation**: Help us improving and updating our documentation. Clear and accurate documentation is crucial for user understanding and success. Please checkout our [Getting started guide for documentation contributions](https://dsf.dev/stable/contribute/documentation) to DSF. | ||
| * **Suggest Improvements**: If you notice gaps or areas for enhancement in our documentation, we welcome [your suggestions and contributions](https://github.com/datasharingframework/datasharingframework.github.io). | ||
| 5. **Contributing Bug Reports**: | ||
| * **Report Bugs**: If you find a bug, please report it via [an issue on GitHub](https://github.com/datasharingframework/dsf/issues). Detailed bug reports are incredibly helpful. | ||
| * **Reproduction Steps**: Include steps to reproduce the bug and any relevant logs according to our bug report issue template. | ||
| 6. **Contributing Feature Requests**: | ||
| * **Suggest Features**: You have an idea for a new feature? We'd love to hear it! Open an issue to describe your proposed feature and its potential benefits according to our feature request template. | ||
| * **Collaborate on Implementation**: If you're able to, contribute to the development of your proposed feature or bug fix. Collaboration can lead to more innovative and effective solutions. Please checkout our [Getting started guide for code contributions](./CONTRIBUTING_CODE.md) to DSF. | ||
| 7. **Contributing Process Plugins**: | ||
| * **Develop Process Plugins for the DSF**: If you have ideas for a process plugin, we encourage you to develop and contribute them. Our [Getting started guide for process plugin development](https://dsf.dev/stable/develop/) will be a useful reference. | ||
| * **Share Your Work**: Your plugins could be a valuable addition to the ecosystem and benefit other users. | ||
|
|
||
| Before you start contributing, we recommend reading our getting started guidelines for detailed information on our processes and standards. This ensures a smooth and productive experience for everyone involved. | ||
|
|
||
| **Your contributions in any form, are what drives the continuous growth and improvement of this project. Thank you for being a part of our community and for your willingness to contribute!** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,94 @@ | ||
| # Contribute Code | ||
|
|
||
| Your code can make a difference for the Data Sharing Framework (DSF). We invite all users to share their code, tests, scripts and improvement ideas. Contributions of any size enhance the DSF and support the data sharing framework community. | ||
|
|
||
| ### Benefits of Contributing: | ||
| - Foster community growth and diversification. | ||
| - Sharpen your coding skills. | ||
| - Gain recognition in the DSF community. | ||
| - Directly impact the future of data sharing in medicine. | ||
|
|
||
| Start now by visiting our contribution pages. Every line of code helps us build a stronger and more versatile DSF. | ||
|
|
||
| ## General | ||
|
|
||
| ### Code Style | ||
|
|
||
| You can import our code style for your specific IDE: | ||
|
|
||
| * [Eclipse](https://github.com/datasharingframework/dsf/blob/main/src/main/resources/eclipse-formatter-config.xml). Open your preferences, click on `Java`, `Code style`, `Formatter`, `Import` and select the downloaded file. | ||
| * [IntelliJ](https://github.com/datasharingframework/dsf/blob/main/src/main/resources/intellij-formatter-config.xml). Open your settings, click on `Editor`, `Code style`, `Java`, the settings icon, `import scheme`, `IntelliJ` and select the downloaded file. | ||
|
|
||
| Pull requests will only be approved if the code is formatted according to the code style configurations above. To format the code with maven before pushing to GitHub, use `mvn compile -Pformat-and-sort`. | ||
|
|
||
| ### Branching Strategy | ||
|
|
||
| [Git Flow](https://www.atlassian.com/de/git/tutorials/comparing-workflows/gitflow-workflow) is used as this project's branching strategy. Therefore, you will find the following structure: | ||
|
|
||
| * main | ||
| * develop | ||
| * issue | ||
| * hotfix | ||
| * release | ||
|
|
||
| Notice that only the first two elements listed are actual branches. The other elements are containers to hold all branches belonging to that category. | ||
|
|
||
|
|
||
| #### Branch Naming | ||
|
|
||
| The following ruleset is applied to name branches: | ||
|
|
||
| * `issue/<issue-number>_<issue-name>` | ||
| * `hotfix/<version>` | ||
| * `release/<version>` | ||
|
|
||
| ## Setting up the Project | ||
|
|
||
| This chapter lists all important requirements to get the project buildable and running properly. | ||
|
|
||
| ### Java | ||
|
|
||
| This project uses Java JDK 17, so make sure you have it installed on your system. | ||
|
|
||
| ### Docker | ||
|
|
||
| [Docker](https://www.docker.com/) is used in this project to test database functionality and to run more complex test-setups. | ||
|
|
||
| ### Maven | ||
|
|
||
| The project relies on [Maven](https://maven.apache.org/) as its management tool. | ||
| *Important:* When building the project you might encounter the following error: | ||
| *Could not determine gpg version* [GPG](https://gnupg.org/) is used to sign artifacts for public release. Since this does not concern contributors, you may skip this step in the maven build process with `-Dgpg.skip`. | ||
|
|
||
|
|
||
| ## Workflow | ||
|
|
||
| 1. Create an issue or comment on an issue that you want to contribute some feature | ||
| 2. Fork the repository, create a branch and mention it in the issue | ||
| 3. If you desire feedback, create a pull request or comment on it in the issue. Feel free to @ any member with write permissions if you feel like your request has not been registered yet. They will review your changes and/or change requests | ||
| 4. If your changes are production-ready, create a [pull request](https://github.com/datasharingframework/dsf/pulls). | ||
|
|
||
| ### Pull Request Process | ||
|
|
||
| We follow Martin Fowler's method for managing pull requests. This approach categorizes pull requests based on the level of trust and experience of the contributor, as well as the impact of the changes. Here's how we apply it: | ||
|
|
||
| 1. **Ship**: For our most trusted contributors with a proven track record. These members can merge their pull requests without prior review, typically for minor or highly confident changes. | ||
|
|
||
| 2. **Show**: This level is for trusted contributors who need some oversight, as well as for experienced developers who want to demonstrate how certain changes should be made in the future. They create pull requests and show their work to the team. | ||
|
|
||
| 3. **Ask**: New or less experienced contributors, as well as those submitting more complex changes, fall into this category. They are required to ask for feedback and approval before their changes can be merged, ensuring thorough review and quality control. | ||
|
|
||
|
|
||
| This method helps us maintain a balance between code quality and efficient development, recognizing the varying levels of expertise among our contributors. | ||
|
|
||
| For more information on Fowler's approach, visit [Martin Fowler's article on Pull Requests](https://martinfowler.com/articles/ship-show-ask.html). | ||
|
|
||
|
|
||
| ## Data Security in DSF Development | ||
|
|
||
| The DSF (Data Sharing Framework) and its process plugins are frequently used to transmit sensitive personal data. To prevent the release of personal data during development, please adhere to the following guidelines: | ||
|
|
||
| - **No development with real personal data:** Always use anonymized or synthetic data for development purposes. | ||
| - **No personal data in repositories:** Ensure no personal data is present in local and remote repositories intended for publication, not even temporarily. | ||
| - **Review all log files:** Before using log files in issues, examples, etc., thoroughly review them to ensure no personal and sensitive data is included. | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| # Security | ||
|
|
||
| You can find explanations of architectural decisions and functions that involve the security of the Data Sharing Framework (DSF), services and tools offered by us at https://dsf.dev/security. An overview of the currently supported DSF versions can be found there. | ||
|
|
||
| ## Security Vulnerability Disclosure Policy | ||
|
|
||
| ### Our Commitment to Security | ||
|
|
||
| We as the DSF development team take security of our software, services and data very seriously. We understand that despite our best efforts, vulnerabilities can exist. To address this, we encourage responsible reporting of any security vulnerabilities discovered in our software and systems. | ||
|
|
||
| ### Responsible Disclosure | ||
|
|
||
| We kindly ask security researchers and the general public to follow the principles of *Coordinated Vulnerability Disclosure (CVD)* or *Responsible Disclosure* when reporting vulnerabilities to us. This approach helps us to mitigate potential risks and protect our users' data effectively. | ||
|
|
||
| ### How to Report a Vulnerability | ||
|
|
||
| If you believe you have found a security vulnerability in our system, please email us at **[[email protected]](mailto:[email protected])**. If you want to use end-to-end-encryption, you can send us mails using s-mime with the certificate chain provided [here](https://github.com/datasharingframework/dsf/blob/main/SECURITY_CERTIFICATE.pem). We kindly request the following: | ||
|
|
||
| * Provide a detailed description of the vulnerability, including if possible the potential impact and how it can be exploited. | ||
| * Include steps to reproduce the vulnerability or proof-of-concept code, if possible. | ||
| * Avoid accessing or modifying user data without permission, and do not exploit a security issue for any reason other than testing. | ||
| * Maintain confidentiality and do not publicly disclose the vulnerability, until we have had the opportunity to investigate and address it. | ||
|
|
||
| Please do not file an issue on a security-related topic and use the e-mail address provided. You can verify the address both in the application repository and at https://dsf.dev/security. | ||
|
|
||
| ### Our Promise | ||
|
|
||
| * **Acknowledgement**: We usually will acknowledge receipt of your vulnerability report within 48 hours. | ||
| * **Investigation**: Our security team will investigate the issue and work diligently to verify and reproduce the vulnerability. | ||
| * **Communication**: We will keep you informed of our progress as we work to resolve the issue. | ||
| * **Resolution**: We will strive to resolve security issues in a timely manner and release updates, patches, or remediations as needed. | ||
| * **Recognition**: We value your effort in making our systems more secure and will recognize your contribution, if desired, once the vulnerability is resolved. | ||
|
|
||
| ### Legal Protection | ||
|
|
||
| We promise not to initiate legal action against individuals who report vulnerabilities responsibly in accordance with this policy. This includes not suing for accidental access to data or reporting in good faith. | ||
|
|
||
| ### Questions? | ||
|
|
||
| If you have any questions about this policy or security of the Data Sharing Framework, the services and tools we provide, please contact us at **[[email protected]](mailto:[email protected])**. You can send us encrypted e-mails using s-mime. You can find the certificate chain [here](https://github.com/datasharingframework/dsf/blob/main/SECURITY_CERTIFICATE.pem). |
Oops, something went wrong.