...
- Proposed name for the project: OSA
Project description:
- OSA is a documentation only project that provides an outlet for release-agnostic security advisories.
Scope:
- Describe the functionality to be provided by the project. Please provide the full intended scope of the project; not just what is intended for the project's first release.
- Specify any interface/API specification proposed,
- Identity a list of features and functionality will be developed.
- Identify what is in or out of scope. During the development phase, it helps reduce discussion.
- OSA will not participate in the release process OR project tracking - it is a release agnostic documentation project intended to inform users about discovered vulnerabilities and remediation
- The template for a single advisory has been already defined in Vulnerability Management Procedure
Architecture Alignment:
- How does this project fit into the rest of the ONAP Architecture?
- Using a repo to provide security advisories is a common method by other open source projects (see Open Stack approach)
- How does this align with external standards/specifications?
- N/A
- Are there dependencies with other open source projects?
- NO
Other Information:
- link to seed code (if applicable)
- N/A
- Vendor Neutral
- N/A
- Meets Board policy (including IPR)
Use the above information to create a key project facts section on your project page
Key Project Facts:
Facts | Info |
|---|---|
| PTL (first and last name) | Pawel Pawlak |
| Jira Project Name | ONAP Jira Security Issues |
| Jira Key | OJSI |
| Project ID | OSA |
| Link to Wiki Space |
Release Components Name:
Continuous Delivery - release every time a new advisory appears
Resources committed to the Release:
Note 1: No more than 5 committers per project. Balance the committers list and avoid members representing only one company. Ensure there is at least 3 companies supporting your proposal.
...