Skip to content
This repository was archived by the owner on May 23, 2023. It is now read-only.

RED-2692: initial aviary.yaml#3

Merged
rmconsole2-wf merged 1 commit into
Workiva:masterfrom
jeffreymelvin-wf:patch-1
Jun 11, 2018
Merged

RED-2692: initial aviary.yaml#3
rmconsole2-wf merged 1 commit into
Workiva:masterfrom
jeffreymelvin-wf:patch-1

Conversation

@jeffreymelvin-wf
Copy link
Copy Markdown

@jeffreymelvin-wf jeffreymelvin-wf commented Jun 11, 2018

Jira ticket: https://jira.atl.workiva.net/browse/RED-2692

Aviary is the InfoSec code scanner which operates on all PRs submitted to Workiva repositories, applying "Security Review Required" or "InfoSec Review Required" labels as necessary. Aviary is configured by way of aviary.yaml files in the root directory of repositories.

The default Aviary options should be sufficient for this repository, so this file is mostly blank. This PR does not invoke a behavior change, but rather documents that this repository has been reviewed and that the decision to use Aviary's default options is a conscious one. Should security-sensitive code be added in the future, please update this file as described here.

Security: @Workiva/infosec-reviewers-p
Code: @micahbeeman-wf

@aviary3-wk
Copy link
Copy Markdown

aviary3-wk commented Jun 11, 2018

Security Insights

The items listed below may not capture all security relevant changes. Before providing a security review, be sure to review the entire PR for security impact.

(1) Security relevant changes were detected
  • Watched file aviary.yaml added

    • Action Items

    • Obtain an infosec review from @Workiva/infosec-reviewers-p
    • Verify aviary.yaml coverage of security relevant code

    Questions or Comments? Reach out on HipChat: InfoSec Forum.

    oliverjensen-wk
    oliverjensen-wk approved these changes Jun 11, 2018
    View reviewed changes
    Copy link
    Copy Markdown

    @oliverjensen-wk oliverjensen-wk left a comment

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    Security +1

    micahbeeman-wf
    micahbeeman-wf approved these changes Jun 11, 2018
    View reviewed changes
    Copy link
    Copy Markdown

    @micahbeeman-wf micahbeeman-wf left a comment

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    +10

    @micahbeeman-wf
    Copy link
    Copy Markdown

    micahbeeman-wf commented Jun 11, 2018

    @Workiva/release-management-pp

    @rmconsole2-wf rmconsole2-wf merged commit 50a8daa into Workiva:master Jun 11, 2018
    @micahbeeman-wf micahbeeman-wf mentioned this pull request Jun 13, 2018
    Merged
    Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

    Reviewers

    2 more reviewers

    @micahbeeman-wf micahbeeman-wf micahbeeman-wf approved these changes

    @oliverjensen-wk oliverjensen-wk oliverjensen-wk approved these changes

    Reviewers whose approvals may not affect merge requirements

    Assignees

    No one assigned

    Labels

    InfoSec Review Required Merge Requirements Met RM Ready

    Projects

    None yet

    Milestone

    No milestone

    Development

    Successfully merging this pull request may close these issues.

    6 participants

    @jeffreymelvin-wf @aviary3-wk @micahbeeman-wf @oliverjensen-wk @rmconsole-wf @rmconsole2-wf