This proposes the text to be included in the project release notes.
Status: Recommended by the security subcommittee and presented to the TSC
ONAP has adopted the CII Best Practice Badge Program. The goal of the Beijing release is for all ONAP projects to be close to achieving a CII Passing badge.
The results of the badging and the known vulnerability assessment for <ProjectName> can be found on the project page. <ProjectName> code is formally scanned during build time using NexusIQ and all Critical vulnerabilities found in these scans are closed. The remaining security vulnerabilities and their workarounds are captured in <LinkToProjectVulnerabilityReviewTable>.
Quick Links
<ProjectName> project page: <LinkToProjectPage>
Badging information for <ProjectName>: <linkToProjectNameBadgeResultsOnCIIBestPractices>
Project Vulnerability Review Table for <ProjectName>: <LinkToProjectVulnerabilityTable>
Badging Requirements: https://github.com/coreinfrastructure/best-practices-badge#core-infrastructure-initiative-best-practices-badge
Badging Status for all ONAP projects: https://bestpractices.coreinfrastructure.org/en/projects?page=1&q=onap