Skip to content

Navigation Menu

Explore
By size
By industry
By use case
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

hashgraph / hedera-sdk-js Public

Notifications You must be signed in to change notification settings
Fork 132
Star 255

Code
Issues 67
Pull requests 61
Discussions
Actions
Projects 1
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Security
Insights

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: [2024-Q3] CI/CD Audit Story #2410

Open

9 of 28 tasks

rbarkerSL opened this issue Jul 19, 2024 · 0 comments

Open

9 of 28 tasks

ci: [2024-Q3] CI/CD Audit Story #2410

rbarkerSL opened this issue Jul 19, 2024 · 0 comments

Labels

Audit

Comments

Copy link

Contributor

rbarkerSL commented Jul 19, 2024

CI/CD Quarterly Audit

Description: Perform quarterly CI/CD audit

Audit Criteria

All workflow items are using pinned actions
Appropriate permissions are set within the github workflows
Dependabot is enabled on the repository
The Repository is using self-hosted runners (if appropriate)
The repository uses the current rulesets
Individual branch protections are turned off
Individual tag protections are turned off
The Step-Security Hardened Security action is enabled
CODEOWNERS is valid and up-to-date
Teams are assigned to the repository
Individual contributors that are part of assigned teams are removed from contributors list
Actions are disabled if not in use within last 6 months
Repository settings are configured per organization standard
All webhooks present are needed and in use
If Applicable: Alert repository owners of software versions that are no longer supported
If Applicable: Alert repository owners when software versions are within 3 months of losing support
Custom properties: last-ci-review-by-team is set
Custom properties: last-ci-review-date is set (Use format: YYYY-MM-DD)

Repository Settings

Require contributors to sign off on web-based commits
Features: Issues
Features: Preserve this Repository
Features: Discussions
Features: Projects
Pull Requests: Allow Squash Merging
Pull Requests: Always suggest updating pull request branches
Pull Requests: Automatically delete head branches
Pushes: Limit how many branches and tags can be updated in a single push

Acceptance Criteria

All Audit Criteria have been met

The text was updated successfully, but these errors were encountered:

All reactions

rbarkerSL added the Audit label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Assignees

No one assigned

Labels

Projects

None yet

Milestone

No milestone

Development

No branches or pull requests

1 participant

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.