...
Practice Area | Checkpoint | Yes/No | Evidence - Comment | How to? |
Security | Has the Release Security/Vulnerability table been filled out in the protected Security Vulnerabilities wiki space? |
| Table in in the protected Security Vulnerabilities wiki space corresponds to the latest NexusIQ scan | PTL reviews the NexusIQ scans for their project repos and fills out the vulnerability review table |
Have known vulnerabilities (critical and severe) to address/remove in the release been identified with jira tickets? |
| Jira tickets exist for vulnerabilities or the project indicates that there will be no vulnerable library replacement | Complete Jira tickets | |
Has the project committed to the release CII badging level |
| completion of the ONAP level CII questions | ||
If the project uses java, has the project integrated with the oparent.pom? |
| Oparent.pom included in project |
|
M2 Release Planning Milestone
Practice Area | Checkpoint | Yes/No | Evidence - Comment | How to? |
Security | Has the Release Security/Vulnerability table been updated in the protected Security Vulnerabilities wiki space? |
| Table in in the protected Security Vulnerabilities wiki space corresponding to the latest NexusIQ scan | PTL reviews the NexusIQ scans for their project repos and fills out the vulnerability review table |
M3 Release Planning Milestone
M4 Release Planning Milestone