Issues
- Develop new FM/PM/CM VES message formats aligned with O-RAN O1VNFRQTS-1003Resolved issue: VNFRQTS-1003Former user
- Jira CleanupVNFRQTS-1002Resolved issue: VNFRQTS-1002Former user
- Finalize DocumentationVNFRQTS-1001Resolved issue: VNFRQTS-1001Former user
- Create a Release BranchVNFRQTS-1000Resolved issue: VNFRQTS-1000Former user
- Complete Key Updates PageVNFRQTS-999Resolved issue: VNFRQTS-999Former user
- Review license scan issuesVNFRQTS-998Resolved issue: VNFRQTS-998Former user
- Release Candidate
VNFRQTS-997Resolved issue: VNFRQTS-997Former user - Verify that there are no merge requests older than 36 hoursVNFRQTS-996Resolved issue: VNFRQTS-996Former user
- Update the Platform Maturity goals and CII badgingVNFRQTS-995Resolved issue: VNFRQTS-995Former user
- Update integration weather boardVNFRQTS-994Resolved issue: VNFRQTS-994Former user
- Review and update INFO.yamlVNFRQTS-993Resolved issue: VNFRQTS-993Former user
- Complete preliminary documentationVNFRQTS-992Resolved issue: VNFRQTS-992Former user
- Finish assigning Jira issues to the Istanbul releaseVNFRQTS-991Resolved issue: VNFRQTS-991Former user
- Start OOM review with updated container imageVNFRQTS-990Resolved issue: VNFRQTS-990Former user
- Feature FreezeVNFRQTS-989Resolved issue: VNFRQTS-989Former user
- Resolve high/highest priority JIRA issuesVNFRQTS-988Resolved issue: VNFRQTS-988Former user
- Review license scan issuesVNFRQTS-987Resolved issue: VNFRQTS-987Former user
- Verify that there are no merge requests older than 36 hoursVNFRQTS-986Resolved issue: VNFRQTS-986Former user
- Finalized Code SubmissionVNFRQTS-985Resolved issue: VNFRQTS-985Former user
- Complete release planning templateVNFRQTS-984Resolved issue: VNFRQTS-984Former user
- Review and update the document tracking tableVNFRQTS-983Resolved issue: VNFRQTS-983Former user
- Update documented risksVNFRQTS-982Resolved issue: VNFRQTS-982Former user
- Review license scan issuesVNFRQTS-981Resolved issue: VNFRQTS-981Former user
- Complete Architectural subcommittee reviewVNFRQTS-980Resolved issue: VNFRQTS-980Former user
- Data models shared with Modeling subcommitteeVNFRQTS-979Resolved issue: VNFRQTS-979Former user
- Verify that there are no merge requests older than 36 hoursVNFRQTS-978Resolved issue: VNFRQTS-978Former user
- Communicate API changes to other projectsVNFRQTS-977Resolved issue: VNFRQTS-977Former user
- Specification FreezeVNFRQTS-976Resolved issue: VNFRQTS-976Former user
- Review Code Coverage goal vs. actualsVNFRQTS-975Resolved issue: VNFRQTS-975Former user
- Update the FOSS wiki pageVNFRQTS-974Resolved issue: VNFRQTS-974Former user
- Request an architectural subcommittee reviewVNFRQTS-973Resolved issue: VNFRQTS-973Former user
- Global Requirements ApprovalVNFRQTS-972Resolved issue: VNFRQTS-972Former user
- Finalize DocumentationVNFRQTS-971Resolved issue: VNFRQTS-971Former user
- Verify readiness of release artifactsVNFRQTS-970Resolved issue: VNFRQTS-970Former user
- JIRA CleanupVNFRQTS-969Resolved issue: VNFRQTS-969Former user
- Release Candidate 2 Integration and TestVNFRQTS-968Resolved issue: VNFRQTS-968Former user
- Verify delivered documentsVNFRQTS-967Resolved issue: VNFRQTS-967Former user
- Create preliminary release notesVNFRQTS-966Resolved issue: VNFRQTS-966Former user
- Review license scan issuesVNFRQTS-965Resolved issue: VNFRQTS-965Former user
- Verify readiness of release artifactsVNFRQTS-964Resolved issue: VNFRQTS-964Former user
- JIRA CleanupVNFRQTS-963Resolved issue: VNFRQTS-963Former user
- Release Candidate 1 Integration and TestVNFRQTS-962Resolved issue: VNFRQTS-962Former user
- Create a release branchVNFRQTS-961Resolved issue: VNFRQTS-961Former user
- Complete marketing updateVNFRQTS-960Resolved issue: VNFRQTS-960Former user
- Update integration weather board and creat pairwise testing pageVNFRQTS-959Resolved issue: VNFRQTS-959Former user
- Resolve high/highest priority JIRA issuesVNFRQTS-958Resolved issue: VNFRQTS-958Former user
- Deliver updated container to integration teamVNFRQTS-957Resolved issue: VNFRQTS-957Former user
- Complete project testingVNFRQTS-956Resolved issue: VNFRQTS-956Former user
- Review license scan issuesVNFRQTS-955Resolved issue: VNFRQTS-955Former user
- Release Candidate 0 Integration and TestVNFRQTS-954Resolved issue: VNFRQTS-954Former user
50 of 996
CONTINUATION OF BEST PRACTICES BADGING SCORE IMPROVEMENTS FOR SILVER LEVEL
Description
50% Done
0% Done
is blocked by
relates to
Details
Assignee
Former userFormer user(Deactivated)Reporter
Paweł PawlakPaweł PawlakLabels
Requirement Type
Best Practice (global - all code)TSC Priority
1Arch Review
Not requiredScope Status
Original ScopeT-Shirt Size
XSM1 Approval
GOM2 Approval
GOM3 Approval
GOFix versions
Priority
HighestEpic Name
CII Badging updates
Details
Details
Assignee
Former user
Former user(Deactivated)Reporter
Paweł Pawlak
Paweł Pawlak
Labels
Requirement Type
Best Practice (global - all code)
TSC Priority
1
Arch Review
Not required
Scope Status
Original Scope
T-Shirt Size
XS
M1 Approval
GO
M2 Approval
GO
M3 Approval
GO
Fix versions
Priority
HighestEpic Name
CII Badging updates
Created October 13, 2020 at 11:51 AM
Updated September 18, 2023 at 2:21 AM
Activity
Show:
Former user April 23, 2021 at 3:37 PM
Approved as a Global Requirement beginning with Istanbul
See: https://wiki.onap.org/x/3YcDBg
Former user March 11, 2021 at 10:58 AM
==================================
Congratulations M3 Honolulu Milestone Passed
==================================
Former user January 28, 2021 at 12:22 PM
==================================
Congratulations M2 Honolulu Milestone Passed
==================================
Former user December 11, 2020 at 10:18 AM
TSC approved this requirement as best practice on 12/10/2020.
Former user December 1, 2020 at 7:27 PM
"Req or Use Case" = "Non-Functional Requirement" has been deprecated. Please update this issue.
See this email for details: https://lists.onap.org/g/onap-requirements-sub/message/1844
Description of Use Case / Requirement:
ONAP project will provide their feedback for the Application Security questions:
Crypto Credentials Agility – ½ of apps in met and almost half not yet answered
Implement Secure Design – 1/3 of projects did not answer
Crypto Weaknesses – tests to be applied (3 including Morgan)
39 crypto weaknesses have been discovered in the SonarCube scans, each of which can be fixed by changing a value in the code (requires less than 30min of work by a developer). SECCOM can provide recommendations
134 instances of bypassed host verification or certificate validation have been identified in the code, which need to be reviewed with the PTLs
For Istanbul, the security issues we will concentrate on are:
command injection - 1 issue found in 1 project
sql injection - 5 issues found in 4 projects
xss (cross site scripting) - 11 issues found in 7 projects
xxe (XML External Entity) - 38 issues found in 13 projects
Projects that have already answered this question positively, should verify that the answer is still correct.
Should be the Assignee - use @ notation): , ,
Link to HLD/LLD (if any):
Dependency Relationships with Other Projects:
Project Impact (Test Only (TO), Code (C)): C **
Support Status for each Affected Project (Supported (S); Partially Supported (P); Not Supported (N)):
Note: for any affected projects labeled 'P' or 'N', please document the resulting gaps.
Integration Leads (use @ notation):
Company Engagement: