Skip to main content

Jargon

When reading about Morio, you may encounter terms you are unfamiliar with.

This page — along with our terminology pages — attempt to remediate that:

Use as:_ami_
AMI

An Amazon Machine Image (AMI) is a type of virtual machine image format suitable for deployment on the EC2 compute service of Amazon Web Services (AWS).

Use as:_aws_
AWS

Amazon Web Services is the world's largest cloud service provider.

Learn more at aws.amazon.com.

Use as:_cert-eu_
CERT-EU

CERT-EU is the Cybersecurity Service for the Institutions, Bodies, Offices and Agencies of the European Union, the home of Morio.

Learn more at cert.europa.eu.

Use as:_ci_
CI

CI stands for Continuous Integration. In the context of Morio, we use it as shorthand for CI/CD, which combines CI with Continuous Deployment. We use CI to refer to the automation in building, testing, and deploying changes in software.

To learn more, the CI and CI/CD articles on Wikipedia are a good starting point.

Use as:_dry_
DRY

In programming, DRY stands for Don’t Repeat Yourself. The idea being that you should not write the same thing twice, rather everything should have its place.

This way, when you need to make a change, you only need to change it in one place.

Use as:_fqdn_
FQDN

FQDN stands for Fully Qualified Domain Name, a name the specifies the exact location of a host by combining host name and domain name.

apt.repo.morio.it is an example of an FQDN.

Use as:_iicb_
IICB

The IICB is the European Union's Interinstitutional Cybersecurity Board and the governing body of CERT-EU, the home of Morio.

Use as:_mdx_
MDX

MDX lets you use JSX in your markdown content. It allows you to import components, and embed them within your content. This makes writing markdown with custom components a blast.

Learn more at mdxjs.com.

Use as:_monorepo_
Monorepo

A monorepo is a repository that combines source code for different project, packages, or services into a single source code repository. This facilitates sharing code, functionality, and dependencies.

The Morio monorepo, or monorepo for short, is the repository hosting the Morio source code.

You can find it at github.com/certeu/morio

Use as:_mtls_
mTLS

mTLS or Mutual TLS utilises Transport Layer Security (TLS) to not only authenticate the server by its certificate, but also the client.

It is an authentication method that identifies both parties with a certificate, rather than the much more common TLS where only the server is identified.

Use as:_pkce_
PKCE

Proof Key for Code Exchange or PKCE (pronounced pixy) is an OpenID Connect flow that is specifically designed to protect against authorisation code interception attacks.

It is typically used in scenarios where the client secret cannot be protected, such as native mobile apps, or single page applications.

While the Morio UI service is a single page application, any OpenID Connect client secret is not available in the frontend code since the OpenID flow is initiated by the Morio API service.

Still, Morio implements the PKCE flow for OpenID Connect as an extra layer of protection according to the defence in depth principle.

Use as:_run scripts_ or _run script_
Run scripts

NPM run scripts, or run scripts for short, refer to scripts defined in the scripts section of a NodeJS package.json file. These scripts are typically used for all sorts of housekeeping an automation.

For more info, refer to the NPM docs on scripts.

Use as:_workspaces_ or _workspace_
Workspaces

NPM workspaces is is a generic term that refers to the set of features in the npm cli that facilitate handling NodeJS dependencies inside a monorepo.

For example, both the core and api folders rely on common dependencies. Rather than installing them twice, through the use of workspaces they will be installed the monorepo root, and shared.

There is more to workspaces, as it is a somewhat advanced feature of NPM, but that's not really relevant for Morio. If you want to learn more, refer to the NPM documentation on workspaces.