Establishing SDLC practices for all ROOST projects #45
Description
This is referenced in other Issues ( #28), but we need to capture what good software development lifecycle practices look like for ROOST projects, and figure out which ones need to be implemented now and which ones can happen later.
Big categories that come to mind:
- Overall quality statement -- sets the ethos of future engineering decisions (shoutout to @tpepper for this one)
- Versioning
- Release cadence
- Testing practices
- Dependency handling
- Security scans in CI/CD
- Security of releases
- Contributor and Code Review practices
- Deprecation
Other major categories we should have?
I can put up an initial working doc as a PR with what would be under those categories and propose priorities (eg now vs later).