Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolve Last 2 Remaining Issues Reported in SonarQube #23900

Closed
2 tasks done
Tracked by #23405
damen-dotcms opened this issue Jan 25, 2023 · 4 comments
Closed
2 tasks done
Tracked by #23405

Resolve Last 2 Remaining Issues Reported in SonarQube #23900

damen-dotcms opened this issue Jan 25, 2023 · 4 comments
Labels
dotCMS : Security Merged Note to QA OKR : Security & Privacy Owned by Mehdi QA : Approved QA : Passed Internal Release : 23.03 Team : Scout Type : Refactoring

Comments

@damen-dotcms
Copy link
Contributor

damen-dotcms commented Jan 25, 2023
edited

Parent Issue

None

Task

SolarQube has 3 "high priority" labels, BLOCKER, CRITICAL, & MAJOR.

@fabrizzio-dotCMS resolved all of the BLOCKER & CRITICAL issues in #23405 .

We have 2 outstanding issues in the MAJOR category.

Proposed Objective

Security

Proposed Priority

Priority 3 - Average

Acceptance Criteria

SonarQube shows 0 Blocker, Critical, or Major Vulnerabilities.

External Links... Slack Conversations, Support Tickets, Figma Designs, etc.

https://sonarqube.dotcms.site/issues?resolved=false&severities=BLOCKER%2CCRITICAL%2CMAJOR&types=VULNERABILITY

Assumptions & Initiation Needs

No response

Sub-Tasks & Estimates
@damen-dotcms damen-dotcms added Triage Type : Task OKR : Security & Privacy Owned by Mehdi OKR : Core Features Owned by Will dotCMS : Privacy Issues with privacy impacts or needing privacy review Team : Scout and removed Triage OKR : Core Features Owned by Will labels Jan 25, 2023
@damen-dotcms damen-dotcms added dotCMS : Security and removed dotCMS : Privacy Issues with privacy impacts or needing privacy review labels Jan 25, 2023
@damen-dotcms damen-dotcms changed the title Resolve Last 2 Remaining Resolve Last 2 Remaining Issues Reported in SonarQube Jan 25, 2023
fabrizzio-dotCMS added a commit that referenced this issue Jan 26, 2023
@fabrizzio-dotCMS
#23900 fixing ajax vulnerabilities reported by sonar
d27b002
@fabrizzio-dotCMS
Copy link
Contributor

PR #23911

@fabrizzio-dotCMS
Copy link
Contributor

fabrizzio-dotCMS commented Jan 26, 2023
edited

Note to QA:
The verification of this issue requires we make sure the OSGI + Workflows Portlets functionality remains intact.

fabrizzio-dotCMS added a commit that referenced this issue Jan 26, 2023
@fabrizzio-dotCMS
#23900 clean up import
8439ab7
fmontes pushed a commit that referenced this issue Jan 27, 2023
@fabrizzio-dotCMS
#23900 fixing ajax vulnerabilities reported by sonar (#23911)
fb67760 
* #23900  fixing ajax vulnerabilities reported by sonar

* #23900  clean up import
@fabrizzio-dotCMS fabrizzio-dotCMS removed their assignment Jan 27, 2023
@damen-dotcms damen-dotcms mentioned this issue Feb 16, 2023
Closed
@nollymar
Copy link
Contributor

Internal QA: Passed

@bryanboza
Copy link
Member

Everything looks normal after this change. Passed

@wezell wezell closed this as completed May 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dotCMS : Security Merged Note to QA OKR : Security & Privacy Owned by Mehdi QA : Approved QA : Passed Internal Release : 23.03 Team : Scout Type : Refactoring
Projects
dotCMS - Product Planning
Archived in project
Milestone
No milestone
Development

No branches or pull requests
5 participants
@wezell @bryanboza @nollymar @fabrizzio-dotCMS @damen-dotcms