...
| Practice Area | Checkpoint | Yes/No | Evidence - Comment | How to? |
|---|---|---|---|---|
| Security | Has the Release Security/Vulnerability table been filled out in the protected Security Vulnerabilities wiki space? | Yes | R4 APPC Security/Vulnerability - Full Content | R4 APPC Security/Vulnerability - Full Content |
| Have known vulnerabilities (critical and severe) to address/remove in the release been identified with JIRA ticket? | Yes | JIRA tickets exist for vulnerabilities or the project indicates that there will be no vulnerability library replacement. | Create JIRA tickets | |
| Has the project committed to the release CII badging level? | Yes | Project plans that include | See https://www.coreinfrastructure.org/programs/badge-program/ | |
| Has the project created their project CII questionnaire and completed the ONAP level CII requirements | Yes | https://bestpractices.coreinfrastructure.org/en/projects/1579 questionnaire fill in but don't plan to meet Dublin ONAP requirement. | See CII Badging Program | |
| If the project uses java, has the project integrated with the oparent.pom? | No | Depends on OpenDayLight |