Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[pi-24 pqs] ml-api-adapter pqs readiness for Mojaloop v16.1.0 RC #3957

Closed
20 tasks done
elnyry-sam-k opened this issue Jun 18, 2024 · 0 comments
Closed
20 tasks done

[pi-24 pqs] ml-api-adapter pqs readiness for Mojaloop v16.1.0 RC #3957

elnyry-sam-k opened this issue Jun 18, 2024 · 0 comments
Assignees
@elnyry-sam-k
Labels
oss-core This is an issue - story or epic related to a feature on a Mojaloop core service or related to it security Mojaloop Platform Quality and Security Initiative story

Comments

@elnyry-sam-k
Copy link
Member

Goal:

As an adopter of Mojaloop

I want to ensure that latest Mojaloop release of ml-api-adapter has known security & quality issues addressed

so that Mojaloop platform can be deployed securely with known vulnerabilities addressed.

Acceptance Criteria:

  • Snyk alerts for ml-api-adapter repository are addressed
  • Dependabot alerts for ml-api-adapter repository are addressed (moderate, high and critical)
  • Ensure main branch is protected and collaborator list is up-to-date
  • Ensure open PRs are addressed, closing stale PRs
  • Update audit exceptions json file to remove exceptions added that are not necessary anymore
  • Close issues on the repository that are fixed / out-of-date
  • Ensure codeowners file is current

Complexity: Medium

Uncertainty: Medium

Tasks:

  • Address dependabot alerts and fix issues
  • Address Snyk alerts and fix
  • Review open PRs and close ones that are out-of-date or not applicable and remind owners to update
  • Review open issues and close ones that are out-of-date or not applicable and remind owners to update
  • Review branch protection rules
  • Review collaborators and access to the repository
  • Update codeowners file to be up-to-date

Done

  • Acceptance Criteria pass
  • Unit Tests pass
  • Integration Tests pass
  • Code Style & Coverage meets standards
  • Changes made to config (default.json) are broadcast to team and follow-up tasks added to update helm charts and other deployment config

Pull Requests:

Follow-up:

  • N/A

Dependencies:

  • N/A

Accountability:
@elnyry-sam-k elnyry-sam-k self-assigned this Jun 18, 2024
@elnyry-sam-k elnyry-sam-k added story oss-core This is an issue - story or epic related to a feature on a Mojaloop core service or related to it security Mojaloop Platform Quality and Security Initiative labels Jun 18, 2024
@elnyry-sam-k elnyry-sam-k changed the title [pi-24 pqs] ml-api-ledger pqs readiness for Mojaloop v16.1.0 RC [pi-24 pqs] ml-api-adapter pqs readiness for Mojaloop v16.1.0 RC Jun 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@elnyry-sam-k elnyry-sam-k

Labels
oss-core This is an issue - story or epic related to a feature on a Mojaloop core service or related to it security Mojaloop Platform Quality and Security Initiative story
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@elnyry-sam-k