QUESTIONS

{
    ... // more things
  message: 'Q0. What is the name of the application?'
  ... // more things
},
{
  ... //more things
  message: 'Q1. Application Type : What kind of application is this? \n * Tip: How will MOST users interact with your application?',
  ... // more things
},
{
  ... // more things
  message: "Q1.1 What is the application hostname? \n * Tip: How will users REACH your application, like: 'http://localhost:8080' or 'www.google.com'",
  ... // more things
},
{
  ... // more things
  message: "Q2. Application Accessibility : Will the application be accessible over the Internet? \n * Tip : if this is a possibility in the future, say 'Yes'",
  ... // more things
},
{
  ... // more things
  message: "Q3. User Sign-in : Will your application require any kind of sign-in or authentication functionality in order to utilize certain routes or services? \n * Tip : if this is a possibility in the future, say 'Yes'",
  ... // more things
},
{
  ... // more things
  message: "Q4. Sessions : Will the application have predetermined session lengths or can users be logged in indefinitely? \n * Tip : if this is a possibility in the future, say 'Yes'",
  ... // more things
},
{
  ... // more things
  message: 'Q4.1 What is the default session length (TTL) in seconds?',
  ... // more things
},
{
  ... // more things
  message: "Q5. Connection Security : Does the application force secure transport (HTTPS, SSH, etc) throughout? \n * Tip : if your application responds to requests over non-secure means on any component say 'No'",
  ... // more things
},
{
  ... // more things
  message: "Q6. Content Acquisition : Is all of the data/content generated and processed within your application? \n * Tip : if you plan to use external APIs at any point, choose the second answer. You'll have the opportunity to specify these sources later",
  ... // more things
},
{
  ... // more things
  message: "Q6.1. Content Sources: Sweet! What are those sources? (JSON)\n * Tip: While specificity is more secure, it's also limiting. Use '*' operand for more flexible options. Use the formatting in the default",
  default: '{"default" : ["\'self\'", "\'www.redit.com\'"], "media" : ["\'self\'", "\'*.pinterest.com\'", "\'https://*.flickr.com\'", "\'ftp://video.domain.com:21\'"], "images" : ["\'self\'"], "styles" : ["\'*.bootstrap.com\'", "\'https://materializecss.com\'", "\'self\'"], "scripts" : ["\'self\'"], "frames" : ["\'none\'"]}',
  // ^^^ this sets up both the content security policy as well as the cors policy (if configured)
  ... // more things
},
{
  ... // more things
  message: 'Q7. Forms: Will your application utilize input forms for data collection?\n * Tip : Consider collection of ratings, feedback, reviews, search, profiles etc...',
  ... // more things
},
{
  ... // more things
  message: "Q8. Caching Strategy: Do you have any intention of introducing a caching layer or using a Content Delivery Network (CDN)?\n * Tip : If this is a possibility in the future, choose 'yes'.",
  ... // more things
},
{
  ... // more things
  message: 'Q8.1. Cache Time To Live (TTL): For MOST public data generated by the application, how long (in seconds) should this information be cached?\n * Tip : Shorter TTLs will require more requests of the application origin; longer TTLs may result in stale, invalid data. You can override this on a per-route basis',
  ... // default is ~ 6 months (in seconds)
},
{
  ... // more things
  message: 'Q9. Application Hosting : Where will application be deployed & hosted? \n * Tip : Looking for GCP, Serverless, AWS, Rackspace, Heroku or similar',
  ... // more things
},
{
  ... // more things
  message: 'Q10. Logging and Auditing: Where will application logs be stored? (absolute path)',
  ... // more things
}