From 2f27c9a5c35723d133ad87ad446deb13c0dea0b3 Mon Sep 17 00:00:00 2001 From: Diogo Pereira Date: Thu, 1 May 2025 10:45:36 -0700 Subject: [PATCH 1/2] Fixed all attributes to be part of seach Signed-off-by: Diogo Pereira --- output.projects.json | 1773 ++++++++++++++++++++++++++++++++++++ templates/kaban_board.html | 107 ++- 2 files changed, 1837 insertions(+), 43 deletions(-) create mode 100644 output.projects.json diff --git a/output.projects.json b/output.projects.json new file mode 100644 index 0000000..08704b6 --- /dev/null +++ b/output.projects.json @@ -0,0 +1,1773 @@ +[ + { + "assignees": [ + "rbarker-dev", + "andrewb1269hg" + ], + "content": { + "body": "This effort will be worked as part of CITR Phase 2.", + "number": 16411, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "Update workflows to grab latest passing tagged build from XTS results", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16411" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYZd2I", + "iteration": { + "duration": 14, + "iterationId": "bac11ae8", + "startDate": "2025-03-11", + "title": "Iteration 12" + }, + "labels": [ + "github_actions" + ], + "priority": "P0", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Ready", + "title": "Update workflows to grab latest passing tagged build from XTS results" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "**Details**:\r\nRemoves `if: {{ false }}` condition on snyk monitor job\r\n", + "number": 18142, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "chore: Re-enable Snyk Monitor job", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/18142" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX32mg", + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "2025-02-21T00:00:00Z", + "title": "v0.60" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "reviewers": [ + "github-maintainers" + ], + "status": "Done", + "title": "chore: Re-enable Snyk Monitor job" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "", + "number": 769, + "repository": "hiero-ledger/hiero-block-node", + "title": "Change Ubuntu 20.04 to latest instances", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-block-node/issues/769" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX7Hdk", + "labels": [ + "github_actions" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/hiero-block-node/pull/770" + ], + "milestone": { + "description": "", + "dueOn": "2025-03-04T00:00:00Z", + "title": "0.6.0" + }, + "repository": "https://github.com/hiero-ledger/hiero-block-node", + "status": "Done", + "title": "Change Ubuntu 20.04 to latest instances" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "**Description**:\r\nUpdate version of Ubuntu in the verify-artifacts job to be 24.04 and 22.04 instead of 22.04 and 20.04\r\n\r\n**Related Issue(s)**:\r\nFixes #769 \r\n", + "number": 770, + "repository": "hiero-ledger/hiero-block-node", + "title": "ci: Update ubuntu runners to 24.04 and 22.04", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-block-node/pull/770" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX7ICc", + "labels": [ + "dependencies", + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "2025-03-04T00:00:00Z", + "title": "0.6.0" + }, + "repository": "https://github.com/hiero-ledger/hiero-block-node", + "reviewers": [ + "github-maintainers" + ], + "status": "Done", + "title": "ci: Update ubuntu runners to 24.04 and 22.04" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "**Description**:\r\n\r\nCherry picks fix from main to update ubuntu runners in gradle determinism to use 22.04/24.04 instead of 20.04/22.04\r\n(cherry picked from commit 0a994c1c91ac9cb8779e85c19abe8ca2f0e428d3)\r\n\r\n**Related issue(s)**:\r\n\r\nFixes #18180 \r\n\r\n\r\n", + "number": 18181, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "ci: update ubuntu version to 24.04 and 22.04", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/18181" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX7bYs", + "labels": [ + "Release" + ], + "milestone": { + "description": "", + "dueOn": "2025-02-21T00:00:00Z", + "title": "v0.60" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "reviewers": [ + "github-maintainers" + ], + "status": "Done", + "title": "ci: update ubuntu version to 24.04 and 22.04" + }, + { + "assignees": [ + "mhess-swl", + "rbarker-dev" + ], + "content": { + "body": "### Background\n\n#17742 added a codepath for ISS occurrences in the blockstream code. A new hapi test was also added with a `@Disabled` annotation. This ticket is for capturing the work needed to make it run as a PR check in CI. \n\n### Acceptance Criteria\n\n- The `IssHandlingTestSuite` runs as a separate PR check on all consensus node PRs\n\n### Dependencies\n\n- Configuration from the platform CI team\n\n### Definition of Ready (DoR) Checklist\n\n- [x] Clear acceptance criteria\n- [ ] Clear and detailed description\n- [x] Dependencies identified\n- [x] Links to documentation\n- [x] Should be completable in 2-3 Days\n- [ ] Initial draft of Low-level design document \u2013 N/A\n- [ ] At least high level test plan \u2013 N/A\n- [ ] Groomed/Estimated\n\n### Definition of Done (DoD) Checklist\n\n- [x] Acceptance Criteria complete\n- [x] No Codacy issues greater than minor (in new code)\n- [x] JavaDocs updated/created \u2013 N/A\n- [x] Code commented \u2013 N/A\n- [ ] Unit tests created/updated \u2013 N/A\n- [ ] 80% test code coverage (in new code) \u2013 N/A\n- [x] Happy Path and major negative cases in HAPI tests as applicable", + "number": 18198, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "Add ISS test to CI", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/18198" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX97Us", + "linked pull requests": [ + "https://github.com/hiero-ledger/hiero-consensus-node/pull/18204" + ], + "milestone": { + "description": "", + "dueOn": "", + "title": "v0.61" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Done", + "title": "Add ISS test to CI" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "**Description**:\r\n\r\nEnables hapi-iss-tests to run as part of Standard PR Checks Adds hapi-iss-tests to build-application workflow-dispatch triggers Enables the IssHandlingTestSuite\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #18198", + "number": 18204, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "ci: Enable IssHandlingTestSuite in CI PR Checks", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/18204" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX99XY", + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "", + "title": "v0.61" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "reviewers": [ + "github-maintainers", + "mhess-swl", + "andrewb1269hg" + ], + "status": "Done", + "title": "ci: Enable IssHandlingTestSuite in CI PR Checks" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "**Description**:\r\n\r\nAdds user @akdev to hcn-execution-committers\r\n\r\n", + "number": 146, + "repository": "hiero-ledger/governance", + "title": "chore: add user akdev to hcn-execution-committers", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/governance/pull/146" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX-BQ4", + "labels": [ + "help wanted" + ], + "repository": "https://github.com/hiero-ledger/governance", + "reviewers": [ + "netopyr", + "tinker-michaelj", + "Neeharika-Sompalli" + ], + "status": "Done", + "title": "chore: add user akdev to hcn-execution-committers" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "**Description**:\r\n\r\nPer [RESD-111](https://swirldslabs.atlassian.net/browse/RESD-111)\r\n\r\n- [x] Add team `hcn-execution-internal-contributors`\r\n- [x] Add user: elpinkypie to this team\n- [x] Add user: akdev to this team\r\n- [x] Add team to hiero-consensus-node with `triage` permission\r\n\r\n", + "number": 147, + "repository": "hiero-ledger/governance", + "title": "chore: Add team hcn-execution-internal-contributors", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/governance/pull/147" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX-EHI", + "repository": "https://github.com/hiero-ledger/governance", + "reviewers": [ + "netopyr", + "nathanklick" + ], + "status": "Done", + "title": "chore: Add team hcn-execution-internal-contributors" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "- Collect unit test artifacts by the build application workflow on push to develop and store as build artifacts\n- Pull in unit test artifacts into XTS run\n- Collect unit test artifacts on XTS run\n- Aggregate test artifacts and store as build artifacts on XTS\n- Publish all artifacts (commit merged by pull request AND XTS to codacy)", + "number": 16729, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "CITR Phase 1: Aggregate Unit Test Logs", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16729" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX-MfA", + "iteration": { + "duration": 14, + "iterationId": "bac11ae8", + "startDate": "2025-03-11", + "title": "Iteration 12" + }, + "labels": [ + "github_actions" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/hiero-consensus-node/pull/16895" + ], + "milestone": { + "description": "", + "dueOn": "", + "title": "v0.61" + }, + "priority": "P2", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Backlog", + "title": "CITR Phase 1: Aggregate Unit Test Logs" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "RESD-80 Jira ticket for reference.\n", + "number": 148, + "repository": "hiero-ledger/governance", + "title": "chore: move Pavel to github-maintainers", + "type": "Issue", + "url": "https://github.com/hiero-ledger/governance/issues/148" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX-QaI", + "labels": [ + "documentation" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/governance/pull/149" + ], + "repository": "https://github.com/hiero-ledger/governance", + "status": "Done", + "title": "chore: move Pavel to github-maintainers" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "**Description**:\r\n\r\nAdd Pavel to github-maintainers group\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #148\r\n", + "number": 149, + "repository": "hiero-ledger/governance", + "title": "chore: add Pavel to github-maintainers group", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/governance/pull/149" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX-QmU", + "labels": [ + "documentation" + ], + "repository": "https://github.com/hiero-ledger/governance", + "reviewers": [ + "nathanklick", + "rbarker-dev" + ], + "status": "Done", + "title": "chore: add Pavel to github-maintainers group" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "Investigate the github firehose app integration into Slack. This will allow the @hiero-ledger/github-maintainers group to direct all issues into a Slack channel to triage and be aware of.\n\nNote this story is for investigation only. Future stories will be developed for implementing the app.", + "number": 18206, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "ci: investigate github firehose integration with Slack", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/18206" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX-Rho", + "iteration": { + "duration": 14, + "iterationId": "bac11ae8", + "startDate": "2025-03-11", + "title": "Iteration 12" + }, + "labels": [ + "github_actions" + ], + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Done", + "title": "ci: investigate github firehose integration with Slack" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "Per LFDT requirements each repository should have a single maintainers group to ensure a 2/3rds quorum for voting members into committer/contributor roles.\r\n", + "number": 151, + "repository": "hiero-ledger/governance", + "title": "chore: Consolidate hiero-consensus-node maintainers into a single group", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/governance/pull/151" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYBkrA", + "repository": "https://github.com/hiero-ledger/governance", + "reviewers": [ + "nathanklick", + "hendrikebbers", + "andrewb1269hg" + ], + "status": "Done", + "title": "chore: Consolidate hiero-consensus-node maintainers into a single group" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "As outlined in [Jira Ticket RESD-136](https://swirldslabs.atlassian.net/jira/servicedesk/projects/RESD/queues/custom/159/RESD-136), move Tim from consensus group to execution group via a PR and obtain appropriate votes as approvals.", + "number": 153, + "repository": "hiero-ledger/governance", + "title": "chore: Move Tim Farber-Newman (timfn-hg) from consensus to execution team", + "type": "Issue", + "url": "https://github.com/hiero-ledger/governance/issues/153" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYG83o", + "labels": [ + "documentation" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/governance/pull/154" + ], + "repository": "https://github.com/hiero-ledger/governance", + "status": "New", + "title": "chore: Move Tim Farber-Newman (timfn-hg) from consensus to execution team" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "Made updates on main as part of PR: https://github.com/hiero-ledger/hiero-consensus-node/pull/18178", + "number": 18180, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "Cherry pick change to use ubuntu 22.04/24.04 instead of 20.04/22.04", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/18180" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgX7a7w", + "labels": [ + "Release" + ], + "milestone": { + "description": "", + "dueOn": "2025-02-21T00:00:00Z", + "title": "v0.60" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "New", + "title": "Cherry pick change to use ubuntu 22.04/24.04 instead of 20.04/22.04" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "Publish release notes generated during the release process as an artifact. We can update future workflows to pull these artifacts in from the official release process.", + "number": 18259, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "ci: publish release notes as artifacts", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/18259" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYHM9Y", + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "", + "title": "v0.61" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "New", + "title": "ci: publish release notes as artifacts" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "Update the pull request triggers for smoke tests, e2e tests, and gradle PR checks\n\n```\n pull_request:\n types:\n - opened\n - reopened\n - synchronize\n ```", + "number": 833, + "repository": "hiero-ledger/hiero-block-node", + "title": "fix pull request triggers", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-block-node/issues/833" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYO7lw", + "labels": [ + "github_actions" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/hiero-block-node/pull/834" + ], + "milestone": { + "description": "", + "dueOn": "2025-03-04T00:00:00Z", + "title": "0.6.0" + }, + "repository": "https://github.com/hiero-ledger/hiero-block-node", + "status": "Done", + "title": "fix pull request triggers" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "**Description**:\r\n\r\n- update e2e-tests.yml, smoke-test.yml, and pr-checks.yml `on`-triggers to use pull_request: types per standard pull_request triggers.\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #833\r\n", + "number": 834, + "repository": "hiero-ledger/hiero-block-node", + "title": "ci: Fix triggers for e2e-tests, smoke-test, and pr-checks", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-block-node/pull/834" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYO9Js", + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "2025-03-04T00:00:00Z", + "title": "0.6.0" + }, + "repository": "https://github.com/hiero-ledger/hiero-block-node", + "reviewers": [ + "github-maintainers", + "nathanklick", + "AlfredoG87", + "andrewb1269hg" + ], + "status": "Done", + "title": "ci: Fix triggers for e2e-tests, smoke-test, and pr-checks" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "Add `hiero-mirror-node-explorer` repo to the `config.yaml` file with appropriate permissions.", + "number": 158, + "repository": "hiero-ledger/governance", + "title": "chore: add hiero-mirror-node-explorer repo and groups.", + "type": "Issue", + "url": "https://github.com/hiero-ledger/governance/issues/158" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYRsS0", + "labels": [ + "documentation" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/governance/pull/159" + ], + "repository": "https://github.com/hiero-ledger/governance", + "status": "Done", + "title": "chore: add hiero-mirror-node-explorer repo and groups." + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "**Description**:\r\n\r\nCreate the hiero-mirror-node-explorer repo with appropriate permissions.\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #158\r\n", + "number": 159, + "repository": "hiero-ledger/governance", + "title": "chore: create hiero-mirror-node-explorer repo", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/governance/pull/159" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYRtTE", + "labels": [ + "documentation" + ], + "repository": "https://github.com/hiero-ledger/governance", + "reviewers": [ + "rbarker-dev" + ], + "status": "Done", + "title": "chore: create hiero-mirror-node-explorer repo" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "Add automation user to the MNE repo.", + "number": 163, + "repository": "hiero-ledger/governance", + "title": "chore: add automation user to the MNE repo", + "type": "Issue", + "url": "https://github.com/hiero-ledger/governance/issues/163" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYTMJg", + "labels": [ + "documentation" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/governance/pull/164" + ], + "repository": "https://github.com/hiero-ledger/governance", + "status": "Done", + "title": "chore: add automation user to the MNE repo" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "**Description**:\r\n\r\nAdd hiero-automation user to the MNE repo.\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #163\r\n", + "number": 164, + "repository": "hiero-ledger/governance", + "title": "chore: add hiero automation user to MNE", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/governance/pull/164" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYTMUk", + "labels": [ + "documentation" + ], + "repository": "https://github.com/hiero-ledger/governance", + "reviewers": [ + "rbarker-dev" + ], + "status": "Done", + "title": "chore: add hiero automation user to MNE" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "**Description**:\r\n\r\nUpdate the transfer.md file to reflect completed transfer of the `hiero-ledger/hiero-mirror-node-explorer` repo.", + "number": 62, + "repository": "hiero-ledger/hiero", + "title": "chore: update hiero-mirror-node-explorer repo for move", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero/pull/62" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYTOls", + "labels": [ + "documentation" + ], + "repository": "https://github.com/hiero-ledger/hiero", + "reviewers": [ + "rbarker-dev" + ], + "status": "Done", + "title": "chore: update hiero-mirror-node-explorer repo for move" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "**Description**:\r\n\r\n- Updates the deployment values and registries for GHCR to point at hiero-ledger/hiero-mirror-node\r\n- Updates docker config\r\n- Updates helm chart config\r\n- Updates helm templates\r\n\r\n**Related Issue(s)**:\r\n\r\nRelates to #1581\r\n", + "number": 1740, + "repository": "hiero-ledger/hiero-mirror-node-explorer", + "title": "chore: Update workflows and deployments for MNE", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-mirror-node-explorer/pull/1740" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYTQ3I", + "labels": [ + "github_actions" + ], + "repository": "https://github.com/hiero-ledger/hiero-mirror-node-explorer", + "reviewers": [ + "github-maintainers", + "hiero-mirror-node-explorer-maintainers", + "nathanklick", + "svienot", + "ericleponner", + "andrewb1269hg" + ], + "status": "Done", + "title": "chore: Update workflows and deployments for MNE" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "Add the following files to the CODEOWNERS file for tracking:\n\n```\ndocker-compose.yml\n\npackage.json\n\nsonar-project.properties\n```", + "number": 1741, + "repository": "hiero-ledger/hiero-mirror-node-explorer", + "title": "chore: add files to CODEOWNERS file", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-mirror-node-explorer/issues/1741" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYTRXE", + "labels": [ + "github_actions" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/hiero-mirror-node-explorer/pull/1742" + ], + "repository": "https://github.com/hiero-ledger/hiero-mirror-node-explorer", + "status": "Done", + "title": "chore: add files to CODEOWNERS file" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "**Description**:\r\n\r\nAdd 3 new files to CODEOWNERS file.\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #1741\r\n", + "number": 1742, + "repository": "hiero-ledger/hiero-mirror-node-explorer", + "title": "chore: add new files to CODEOWNERS", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-mirror-node-explorer/pull/1742" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYTRmY", + "labels": [ + "github_actions" + ], + "repository": "https://github.com/hiero-ledger/hiero-mirror-node-explorer", + "reviewers": [ + "github-maintainers" + ], + "status": "Done", + "title": "chore: add new files to CODEOWNERS" + }, + { + "assignees": [ + "nathanklick", + "rbarker-dev", + "andrewb1269hg" + ], + "content": { + "body": "Need to add tagging scheme for phase 2 work in CITR", + "number": 16409, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "Develop tagging scheme for SDPT -> SDLT promotion", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16409" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYZdpk", + "iteration": { + "duration": 14, + "iterationId": "bac11ae8", + "startDate": "2025-03-11", + "title": "Iteration 12" + }, + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "", + "title": "v0.61" + }, + "priority": "P0", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Backlog", + "title": "Develop tagging scheme for SDPT -> SDLT promotion" + }, + { + "content": { + "body": "Implement CodeQL in repo as identified in 2024 Q3 audit.", + "number": 981, + "repository": "hiero-ledger/hiero-local-node", + "title": "ci: implement CodeQL in repo", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-local-node/issues/981" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYdqEs", + "labels": [ + "github_actions" + ], + "repository": "https://github.com/hiero-ledger/hiero-local-node", + "status": "New", + "title": "ci: implement CodeQL in repo" + }, + { + "content": { + "body": "Implement Snyk in repo and configure. Identified as part of 2024 Q3 audit tasks.", + "number": 982, + "repository": "hiero-ledger/hiero-local-node", + "title": "ci: implement Snyk in repo", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-local-node/issues/982" + }, + "id": "PVTI_lADOCq2Q984AzKZJzgYdqIA", + "labels": [ + "github_actions" + ], + "repository": "https://github.com/hiero-ledger/hiero-local-node", + "status": "New", + "title": "ci: implement Snyk in repo" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "Create a new workflow to run hourly to sync branch names from `hiero-consensus-node` repository to `swirlds/swirlds-platform-regression` repository.", + "number": 4039, + "repository": "swirlds/swirlds-platform-regression", + "title": "ci: sync branch names from HCN", + "type": "Issue", + "url": "https://github.com/swirlds/swirlds-platform-regression/issues/4039" + }, + "id": "PVTI_lADOAcO5i84AzKZOzgX4bus", + "labels": [ + "github_actions" + ], + "repository": "https://github.com/swirlds/swirlds-platform-regression", + "status": "New", + "title": "ci: sync branch names from HCN" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "Merge the following workflows for custom property handling:\n\n- configure-custom-properties\n- read-all-custom-properties\n- update-custom-properties\nMerge these in from [here](https://github.com/PandasWhoCode/governance/tree/main/.github/workflows).\n\nInclude the following config files:\n`.github/properties_schema.json`\n`repo-properties.yaml`", + "number": 1, + "repository": "swirlds/governance", + "title": "chore: merge workflows for custom properties", + "type": "Issue", + "url": "https://github.com/swirlds/governance/issues/1" + }, + "id": "PVTI_lADOAcO5i84AzKZOzgZszn8", + "labels": [ + "documentation", + "enhancement" + ], + "linked pull requests": [ + "https://github.com/swirlds/governance/pull/2" + ], + "repository": "https://github.com/swirlds/governance", + "status": "Done", + "title": "chore: merge workflows for custom properties" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "**Description**:\r\n\r\nAdd 3 workflow files for handling custom properties. Add 2 supporting config files.\r\n\r\nThis PR adds workflow files and config files for handling custom properties inside the organization.\r\n\r\nThe `repo-properties.yaml` file holds the source of truth of all custom properties for all repos in the organization. There is a workflow called `update-custom-properties` that will call an action to update all custom properties in the organization to the latest in the `yaml` file.\r\n\r\nThere is a second workflow called `read-all-custom-properties`. This is used to generate the `repo-properties.yaml` file for the first time.\r\n\r\nThe third workflow is `configure-custom-properties`. This reads the `properties_schema.json` to create, modify, or remove custom properties at the organization level.\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #1 \r\n", + "number": 2, + "repository": "swirlds/governance", + "title": "chore: merge workflows for custom properties", + "type": "PullRequest", + "url": "https://github.com/swirlds/governance/pull/2" + }, + "id": "PVTI_lADOAcO5i84AzKZOzgZtiiQ", + "labels": [ + "documentation", + "enhancement" + ], + "repository": "https://github.com/swirlds/governance", + "reviewers": [ + "rbarker-dev" + ], + "status": "Done", + "title": "chore: merge workflows for custom properties" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "# CI/CD Repository Audit\n\n**Description**:\nPerform repository audit.\n\n**If there has not been a significant commit in the last year, add a note indicating so.**\n**Skip to `Acceptance Criteria` section at the bottom to complete close this issue.**\n\n# Administrative Audit Criteria\n\n### Actions State\nIf actions have not been run in the previous 6 months they should be disabled:\n- [ ] Actions are/have been disabled\n\nIf actions have run in the last 6 months then actions shall remain enabled:\n- [x] Actions are enabled\n\n## Settings Window\n### General Tab\n- [x] Require contributors to sign off on web-based commits\n\n#### Features Section:\n- [x] Disable Wiki\n - If it is in use, leave Wiki enabled. If not in use, remove functionality (uncheck Wiki option). Should be disabled whenever possible.\n- [x] Enable Issues\n- [ ] Enable Preserve this Repository\n- [x] Enable Discussions if repository is public\n- [x] Enable Projects\n \n#### Pull Requests Section:\n- [x] Enable Allow Squash Merging\n- [x] Enable Always suggest updating pull request branches\n- [x] Enable Automatically delete head branches\n \n#### Pushes Section:\n- [x] Pushes: Limit how many branches and tags can be updated in a single push (Default # is 5)\n\n### Collaborators and Teams Tab\n- [ ] Teams are assigned to the repository\n- [ ] Individual contributors that are part of assigned teams are removed from contributors list\n\n### Branches Tab\n- [x] Individual branch protections are turned off\n\n### Tags Tab\n- [x] Individual tag protections are turned off\n\n### Rules/Rulesets Tab\n- [x] The repository uses the current rulesets\n- [x] If appropriate, global rules are enabled/disabled for the repo\n\n### Actions Tab\n**If actions are enabled**:\n- [ ] Codecov is enabled on the repository\n- [x] Title check is enabled\n- [x] DCO check is enabled\n\n### Webhooks Tab\n- [x] All webhooks present are needed and in use\n- [ ] Snyk is enabled on the repo (check to see if the webhook exists and is in use)\n\n### Code Security Tab\n- [x] Dependabot is enabled on the repository\n\n### Secrets and Variables Tab\n- [x] GitHub secrets are employed to store sensitive data\n- [x] Tokens are stored securely as GitHub Secrets\n\n### GitHub Apps\n- [ ] Code Coverage Reporting\n- [ ] CodeQL is enabled on the repository\n- [ ] Codacy is enabled on the repository\n\n## App Integrations\n- [x] Dependabot is configured to monitor all relevant ecosystems (verify through `dependabot.yaml` file)\n - Link to [relevant ecosystems](https://docs.github.com/en/code-security/dependabot/ecosystems-supported-by-dependabot/supported-ecosystems-and-repositories)\n- [x] DCO-2 is configured as the DCO check\n\n## Code Formatting\n- [ ] NodeJS Projects use ESLint/Prettier formatting\n- [ ] Java Projects use Checkstyle/Spotless formatting\n- [ ] CPP Projects use Clang Tidy\n- [ ] Rust\n- [ ] Swift\n- [x] Go\n\n## CODEOWNERS\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n# Workflow Audit Criteria\n\n## Security Checks in Workflows\n- [x] Secrets Management In Workflow Files (`/.github/workflows/`)\n - [x] No hardcoded secrets in the workflow files or code\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unauthorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n - [ ] Use pinned versions of Docker files\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n\n## Workflow checks\n\n- [x] Appropriate permissions are set within the GitHub workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The step-security hardened security action is enabled on each workflow job\n - [ ] If the step-security dashboard reports action with score of <6, request a step-security version of the action\n\n## Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n## Other\n\n- [x] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [x] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met\n- [ ] Inactive Repo (>1 year since last significant commit)\n- [ ] Empty Repo\n\n## Custom Properties - Marking Complete\n\nUpdate the `repo-properties.json` file in the `ORG/governance` repository\n\n- [x] Custom properties: `initial-ci-review-by-team` is set\n- [x] Custom properties: `initial-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n*Note: assumes `ORG/governance` is a valid repository in the Github Organization being audited*\n", + "number": 1018, + "repository": "swirlds/swirlds-docker", + "title": "ci: [2025-Q2] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/swirlds/swirlds-docker/issues/1018" + }, + "id": "PVTI_lADOAcO5i84AzKZOzgZwKIc", + "labels": [ + "Audit" + ], + "priority": "P3", + "repository": "https://github.com/swirlds/swirlds-docker", + "status": "Done", + "title": "ci: [2025-Q2] CI/CD Audit Story" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "# CI/CD Repository Audit\n\n**Description**:\nPerform repository audit.\n\n**If there has not been a significant commit in the last year, add a note indicating so.**\n**Skip to `Acceptance Criteria` section at the bottom to complete close this issue.**\n\n# Administrative Audit Criteria\n\n### Actions State\nIf actions have not been run in the previous 6 months they should be disabled:\n- [ ] Actions are/have been disabled\n\nIf actions have run in the last 6 months then actions shall remain enabled:\n- [ ] Actions are enabled\n\n## Settings Window\n### General Tab\n- [ ] Require contributors to sign off on web-based commits\n\n#### Features Section:\n- [ ] Disable Wiki\n - If it is in use, leave Wiki enabled. If not in use, remove functionality (uncheck Wiki option). Should be disabled whenever possible.\n- [ ] Enable Issues\n- [ ] Enable Preserve this Repository\n- [ ] Enable Discussions if repository is public\n- [ ] Enable Projects\n \n#### Pull Requests Section:\n- [ ] Enable Allow Squash Merging\n- [ ] Enable Always suggest updating pull request branches\n- [ ] Enable Automatically delete head branches\n \n#### Pushes Section:\n- [ ] Pushes: Limit how many branches and tags can be updated in a single push (Default # is 5)\n\n### Collaborators and Teams Tab\n- [ ] Teams are assigned to the repository\n- [ ] Individual contributors that are part of assigned teams are removed from contributors list\n\n### Branches Tab\n- [ ] Individual branch protections are turned off\n\n### Tags Tab\n- [ ] Individual tag protections are turned off\n\n### Rules/Rulesets Tab\n- [ ] The repository uses the current rulesets\n- [ ] If appropriate, global rules are enabled/disabled for the repo\n\n### Actions Tab\n**If actions are enabled**:\n- [ ] Codecov is enabled on the repository\n- [ ] Title check is enabled\n- [ ] DCO check is enabled\n\n### Webhooks Tab\n- [ ] All webhooks present are needed and in use\n- [ ] Snyk is enabled on the repo (check to see if the webhook exists and is in use)\n\n### Code Security Tab\n- [ ] Dependabot is enabled on the repository\n\n### Secrets and Variables Tab\n- [ ] GitHub secrets are employed to store sensitive data\n- [ ] Tokens are stored securely as GitHub Secrets\n\n### GitHub Apps\n- [ ] Code Coverage Reporting\n- [ ] CodeQL is enabled on the repository\n- [ ] Codacy is enabled on the repository\n\n## App Integrations\n- [ ] Dependabot is configured to monitor all relevant ecosystems (verify through `dependabot.yaml` file)\n - Link to [relevant ecosystems](https://docs.github.com/en/code-security/dependabot/ecosystems-supported-by-dependabot/supported-ecosystems-and-repositories)\n- [ ] DCO-2 is configured as the DCO check\n\n## Code Formatting\n- [ ] NodeJS Projects use ESLint/Prettier formatting\n- [ ] Java Projects use Checkstyle/Spotless formatting\n- [ ] CPP Projects use Clang Tidy\n- [ ] Rust\n- [ ] Swift\n- [ ] Go\n\n## CODEOWNERS\n- [ ] `.github/CODEOWNERS` is valid and up-to-date\n\n# Workflow Audit Criteria\n\n## Security Checks in Workflows\n- [ ] Secrets Management In Workflow Files (`/.github/workflows/`)\n - [ ] No hardcoded secrets in the workflow files or code\n - [ ] Secrets are referenced in CI via config files or environment variables\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [ ] Checksums/hashes are verified during CI process to detect unauthorized changes\n - [ ] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n - [ ] Use pinned versions of Docker files\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n\n## Workflow checks\n\n- [ ] Appropriate permissions are set within the GitHub workflows\n- [ ] All steps are named\n- [ ] All workflow actions are using pinned commits\n- [ ] The step-security hardened security action is enabled on each workflow job\n - [ ] If the step-security dashboard reports action with score of <6, request a step-security version of the action\n\n## Self Hosted Runners\n\n- [ ] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n## Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met\n- [ ] Inactive Repo (>1 year since last significant commit)\n- [ ] Empty Repo\n\n## Custom Properties - Marking Complete\n\nUpdate the `repo-properties.json` file in the `ORG/governance` repository\n\n- [ ] Custom properties: `initial-ci-review-by-team` is set\n- [ ] Custom properties: `initial-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n*Note: assumes `ORG/governance` is a valid repository in the Github Organization being audited*\n", + "number": 4053, + "repository": "swirlds/swirlds-platform-regression", + "title": "ci: [2025-Q2] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/swirlds/swirlds-platform-regression/issues/4053" + }, + "id": "PVTI_lADOAcO5i84AzKZOzgZwKJY", + "labels": [ + "Audit" + ], + "priority": "P3", + "repository": "https://github.com/swirlds/swirlds-platform-regression", + "status": "Ready", + "title": "ci: [2025-Q2] CI/CD Audit Story" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "# CI/CD Repository Audit\n\n**Description**:\nPerform repository audit.\n\n**If there has not been a significant commit in the last year, add a note indicating so.**\n**Skip to `Acceptance Criteria` section at the bottom to complete close this issue.**\n\n# Administrative Audit Criteria\n\n### Actions State\nIf actions have not been run in the previous 6 months they should be disabled:\n- [x] Actions are/have been disabled\n\nIf actions have run in the last 6 months then actions shall remain enabled:\n- [ ] Actions are enabled\n\n## Settings Window\n### General Tab\n- [x] Require contributors to sign off on web-based commits\n\n#### Features Section:\n- [x] Disable Wiki\n - If it is in use, leave Wiki enabled. If not in use, remove functionality (uncheck Wiki option). Should be disabled whenever possible.\n- [x] Enable Issues\n- [ ] Enable Preserve this Repository\n- [ ] Enable Discussions if repository is public\n- [x] Enable Projects\n \n#### Pull Requests Section:\n- [x] Enable Allow Squash Merging\n- [x] Enable Always suggest updating pull request branches\n- [x] Enable Automatically delete head branches\n \n#### Pushes Section:\n- [x] Pushes: Limit how many branches and tags can be updated in a single push (Default # is 5)\n\n### Collaborators and Teams Tab\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n\n### Branches Tab\n- [x] Individual branch protections are turned off\n\n### Tags Tab\n- [x] Individual tag protections are turned off\n\n### Rules/Rulesets Tab\n- [x] The repository uses the current rulesets\n- [x] If appropriate, global rules are enabled/disabled for the repo\n\n### Actions Tab\n**If actions are enabled**:\n- [ ] Codecov is enabled on the repository\n- [ ] Title check is enabled\n- [x] DCO check is enabled\n\n### Webhooks Tab\n- [ ] All webhooks present are needed and in use\n- [ ] Snyk is enabled on the repo (check to see if the webhook exists and is in use)\n\n### Code Security Tab\n- [x] Dependabot is enabled on the repository\n\n### Secrets and Variables Tab\n- [ ] GitHub secrets are employed to store sensitive data\n- [ ] Tokens are stored securely as GitHub Secrets\n\n### GitHub Apps\n- [ ] Code Coverage Reporting\n- [ ] CodeQL is enabled on the repository\n- [ ] Codacy is enabled on the repository\n\n## App Integrations\n- [ ] Dependabot is configured to monitor all relevant ecosystems (verify through `dependabot.yaml` file)\n - Link to [relevant ecosystems](https://docs.github.com/en/code-security/dependabot/ecosystems-supported-by-dependabot/supported-ecosystems-and-repositories)\n- [x] DCO-2 is configured as the DCO check\n\n## Code Formatting\n- [ ] NodeJS Projects use ESLint/Prettier formatting\n- [ ] Java Projects use Checkstyle/Spotless formatting\n- [ ] CPP Projects use Clang Tidy\n- [ ] Rust\n- [ ] Swift\n- [ ] Go\n\n## CODEOWNERS\n- [ ] `.github/CODEOWNERS` is valid and up-to-date\n\n# Workflow Audit Criteria\n\n## Security Checks in Workflows\n- [ ] Secrets Management In Workflow Files (`/.github/workflows/`)\n - [ ] No hardcoded secrets in the workflow files or code\n - [ ] Secrets are referenced in CI via config files or environment variables\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [ ] Checksums/hashes are verified during CI process to detect unauthorized changes\n - [ ] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n - [ ] Use pinned versions of Docker files\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n\n## Workflow checks\n\n- [ ] Appropriate permissions are set within the GitHub workflows\n- [ ] All steps are named\n- [ ] All workflow actions are using pinned commits\n- [ ] The step-security hardened security action is enabled on each workflow job\n - [ ] If the step-security dashboard reports action with score of <6, request a step-security version of the action\n\n## Self Hosted Runners\n\n- [ ] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n## Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met\n- [ ] Inactive Repo (>1 year since last significant commit)\n- [ ] Empty Repo\n\n## Custom Properties - Marking Complete\n\nUpdate the `repo-properties.json` file in the `ORG/governance` repository\n\n- [x] Custom properties: `initial-ci-review-by-team` is set\n- [x] Custom properties: `initial-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n*Note: assumes `ORG/governance` is a valid repository in the Github Organization being audited*\n", + "number": 1, + "repository": "swirlds/TestBackup_RecoveryRepo", + "title": "ci: [2025-Q2] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/swirlds/TestBackup_RecoveryRepo/issues/1" + }, + "id": "PVTI_lADOAcO5i84AzKZOzgZwKKM", + "labels": [ + "Audit" + ], + "priority": "P3", + "repository": "https://github.com/swirlds/TestBackup_RecoveryRepo", + "status": "Done", + "title": "ci: [2025-Q2] CI/CD Audit Story" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "# CI/CD Repository Audit\n\n**Description**:\nPerform repository audit.\n\n**If there has not been a significant commit in the last year, add a note indicating so.**\n**Skip to `Acceptance Criteria` section at the bottom to complete close this issue.**\n\n# Administrative Audit Criteria\n\n### Actions State\nIf actions have not been run in the previous 6 months they should be disabled:\n- [ ] Actions are/have been disabled\n\nIf actions have run in the last 6 months then actions shall remain enabled:\n- [x] Actions are enabled\n\n## Settings Window\n### General Tab\n- [x] Require contributors to sign off on web-based commits\n\n#### Features Section:\n- [x] Disable Wiki\n - If it is in use, leave Wiki enabled. If not in use, remove functionality (uncheck Wiki option). Should be disabled whenever possible.\n- [x] Enable Issues\n- [ ] Enable Preserve this Repository\n- [x] Enable Discussions if repository is public\n- [x] Enable Projects\n \n#### Pull Requests Section:\n- [x] Enable Allow Squash Merging\n- [x] Enable Always suggest updating pull request branches\n- [x] Enable Automatically delete head branches\n \n#### Pushes Section:\n- [x] Pushes: Limit how many branches and tags can be updated in a single push (Default # is 5)\n\n### Collaborators and Teams Tab\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n\n### Branches Tab\n- [x] Individual branch protections are turned off\n\n### Tags Tab\n- [x] Individual tag protections are turned off\n\n### Rules/Rulesets Tab\n- [x] The repository uses the current rulesets\n- [x] If appropriate, global rules are enabled/disabled for the repo\n\n### Actions Tab\n**If actions are enabled**:\n- [ ] Codecov is enabled on the repository\n- [x] Title check is enabled\n- [x] DCO check is enabled\n\n### Webhooks Tab\n- [ ] All webhooks present are needed and in use\n- [ ] Snyk is enabled on the repo (check to see if the webhook exists and is in use)\n\n### Code Security Tab\n- [x] Dependabot is enabled on the repository\n\n### Secrets and Variables Tab\n- [x] GitHub secrets are employed to store sensitive data\n- [x] Tokens are stored securely as GitHub Secrets\n\n### GitHub Apps\n- [ ] Code Coverage Reporting\n- [ ] CodeQL is enabled on the repository\n- [ ] Codacy is enabled on the repository\n\n## App Integrations\n- [x] Dependabot is configured to monitor all relevant ecosystems (verify through `dependabot.yaml` file)\n - Link to [relevant ecosystems](https://docs.github.com/en/code-security/dependabot/ecosystems-supported-by-dependabot/supported-ecosystems-and-repositories)\n- [x] DCO-2 is configured as the DCO check\n\n## Code Formatting\n- [ ] NodeJS Projects use ESLint/Prettier formatting\n- [ ] Java Projects use Checkstyle/Spotless formatting\n- [ ] CPP Projects use Clang Tidy\n- [ ] Rust\n- [ ] Swift\n- [ ] Go\n\n## CODEOWNERS\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n# Workflow Audit Criteria\n\n## Security Checks in Workflows\n- [x] Secrets Management In Workflow Files (`/.github/workflows/`)\n - [x] No hardcoded secrets in the workflow files or code\n - [x] Secrets are referenced in CI via config files or environment variables\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [ ] Checksums/hashes are verified during CI process to detect unauthorized changes\n - [ ] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n - [ ] Use pinned versions of Docker files\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n\n## Workflow checks\n\n- [x] Appropriate permissions are set within the GitHub workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The step-security hardened security action is enabled on each workflow job\n - [ ] If the step-security dashboard reports action with score of <6, request a step-security version of the action\n\n## Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n## Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met\n- [ ] Inactive Repo (>1 year since last significant commit)\n- [ ] Empty Repo\n\n## Custom Properties - Marking Complete\n\nUpdate the `repo-properties.json` file in the `ORG/governance` repository\n\n- [x] Custom properties: `initial-ci-review-by-team` is set\n- [x] Custom properties: `initial-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n*Note: assumes `ORG/governance` is a valid repository in the Github Organization being audited*\n", + "number": 5, + "repository": "swirlds/governance", + "title": "ci: [2025-Q2] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/swirlds/governance/issues/5" + }, + "id": "PVTI_lADOAcO5i84AzKZOzgZwKKg", + "labels": [ + "Audit" + ], + "priority": "P3", + "repository": "https://github.com/swirlds/governance", + "status": "Done", + "title": "ci: [2025-Q2] CI/CD Audit Story" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "Add the conventional commits title check workflow and add to required checks.", + "number": 1019, + "repository": "swirlds/swirlds-docker", + "title": "Add the conventional commits title check workflow", + "type": "Issue", + "url": "https://github.com/swirlds/swirlds-docker/issues/1019" + }, + "id": "PVTI_lADOAcO5i84AzKZOzgZ2dBg", + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/swirlds/swirlds-docker/pull/1020" + ], + "repository": "https://github.com/swirlds/swirlds-docker", + "status": "Done", + "title": "Add the conventional commits title check workflow" + }, + { + "assignees": [ + "PavelSBorisov", + "rbarker-dev" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [x] Snyk is enabled on the repository\n- [ ] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [x] ESLint rules are applied to the codebase\n - [x] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", + "number": 522, + "repository": "hashgraph/hedera-metamask-snaps", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hashgraph/hedera-metamask-snaps/issues/522" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnWI", + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/hashgraph/hedera-metamask-snaps/pull/776" + ], + "priority": "P4", + "repository": "https://github.com/hashgraph/hedera-metamask-snaps", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg", + "mishomihov00" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [x] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", + "number": 1909, + "repository": "hiero-ledger/hiero-sdk-java", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-sdk-java/issues/1909" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnRg", + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/hiero-sdk-java/pull/2055" + ], + "priority": "P4", + "repository": "https://github.com/hiero-ledger/hiero-sdk-java", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg", + "mishomihov00" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [x] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [x] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [x] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [x] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", + "number": 2410, + "repository": "hiero-ledger/hiero-sdk-js", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-sdk-js/issues/2410" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnTw", + "labels": [ + "Audit" + ], + "priority": "P4", + "repository": "https://github.com/hiero-ledger/hiero-sdk-js", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "PavelSBorisov" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [ ] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [ ] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [ ] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [x] Snyk is enabled on the repository\n- [ ] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [x] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [ ] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [x] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", + "number": 2732, + "repository": "hiero-ledger/hiero-json-rpc-relay", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-json-rpc-relay/issues/2732" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnYs", + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/hiero-json-rpc-relay/pull/3194" + ], + "priority": "P4", + "repository": "https://github.com/hiero-ledger/hiero-json-rpc-relay", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [x] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", + "number": 811, + "repository": "hiero-ledger/hiero-sdk-rust", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-sdk-rust/issues/811" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnQE", + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/hiero-sdk-rust/pull/924" + ], + "priority": "P4", + "repository": "https://github.com/hiero-ledger/hiero-sdk-rust", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [x] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [x] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", + "number": 155, + "repository": "hashgraph/solo-operator", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hashgraph/solo-operator/issues/155" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnZI", + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/hashgraph/solo-operator/pull/327", + "https://github.com/hashgraph/solo-operator/pull/336" + ], + "priority": "P4", + "repository": "https://github.com/hashgraph/solo-operator", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg", + "mishomihov00" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [ ] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [x] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [ ] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", + "number": 267, + "repository": "hashgraph/pbj", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hashgraph/pbj/issues/267" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnOo", + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/hashgraph/pbj/pull/312" + ], + "priority": "P4", + "repository": "https://github.com/hashgraph/pbj", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg", + "mishomihov00" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [x] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [x] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [x] ESLint rules are applied to the codebase\n - [x] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", + "number": 440, + "repository": "hiero-ledger/solo", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hiero-ledger/solo/issues/440" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnXM", + "labels": [ + "Audit", + "Security" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/solo/pull/778" + ], + "priority": "P4", + "repository": "https://github.com/hiero-ledger/solo", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [ ] Actions are enabled\n- [x] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [ ] Actions have run in the last 6 months and shall remain enabled\n- [x] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [ ] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [ ] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [ ] Secrets Management\n - [ ] No hardcoded secrets in the workflow files or code\n - [ ] GitHub secrets are employed to store sensitive data\n - [ ] Secrets are referenced in CI via config files or environment variables\n- [ ] Tokens are stored securely as GitHub Secrets\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [ ] Checksums/hashes are verified during CI process to detect unathorized changes\n - [ ] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [ ] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [ ] dependabot.yml is up to date\n\n### Workflow checks\n\n- [ ] Appropriate permissions are set within the github workflows\n- [ ] All steps are named\n- [ ] All workflow actions are using pinned commits\n- [ ] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [ ] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", + "number": 33, + "repository": "hashgraph/terraform-hedera-node-modules", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hashgraph/terraform-hedera-node-modules/issues/33" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnGg", + "labels": [ + "Audit" + ], + "priority": "P4", + "repository": "https://github.com/hashgraph/terraform-hedera-node-modules", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg", + "mishomihov00" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [x] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [x] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", + "number": 14333, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/14333" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnYc", + "labels": [ + "Audit" + ], + "priority": "P4", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg", + "mishomihov00" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [ ] Actions are enabled\n- [x] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [ ] Actions have run in the last 6 months and shall remain enabled\n- [x] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [ ] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [ ] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [ ] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [ ] Checksums/hashes are verified during CI process to detect unathorized changes\n - [ ] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [ ] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [ ] dependabot.yml is up to date\n\n### Workflow checks\n\n- [ ] Appropriate permissions are set within the github workflows\n- [ ] All steps are named\n- [ ] All workflow actions are using pinned commits\n- [ ] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [ ] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [ ] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", + "number": 544, + "repository": "hashgraph/hedera-transaction-tool-demo", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hashgraph/hedera-transaction-tool-demo/issues/544" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnWs", + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/hashgraph/hedera-transaction-tool-demo/pull/562" + ], + "priority": "P4", + "repository": "https://github.com/hashgraph/hedera-transaction-tool-demo", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg", + "mishomihov00" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [ ] Actions are enabled\n- [x] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [ ] Actions have run in the last 6 months and shall remain enabled\n- [x] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [ ] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [ ] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [ ] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [ ] GitHub secrets are employed to store sensitive data\n - [ ] Secrets are referenced in CI via config files or environment variables\n- [ ] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [ ] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [ ] dependabot.yml is up to date\n\n### Workflow checks\n\n- [ ] Appropriate permissions are set within the github workflows\n- [ ] All steps are named\n- [ ] All workflow actions are using pinned commits\n- [ ] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [ ] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [ ] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", + "number": 9, + "repository": "hashgraph/hedera-state-proof-verifier-go", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hashgraph/hedera-state-proof-verifier-go/issues/9" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnYE", + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/hashgraph/hedera-state-proof-verifier-go/pull/10" + ], + "priority": "P4", + "repository": "https://github.com/hashgraph/hedera-state-proof-verifier-go", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "andrewb1269hg", + "mishomihov00" + ], + "content": { + "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [x] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [x] ESLint rules are applied to the codebase\n - [x] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", + "number": 704, + "repository": "hiero-ledger/hiero-local-node", + "title": "ci: [2024-Q3] CI/CD Audit Story", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-local-node/issues/704" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgREnPo", + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/hiero-ledger/hiero-local-node/pull/811" + ], + "priority": "P4", + "repository": "https://github.com/hiero-ledger/hiero-local-node", + "status": "Done", + "title": "ci: [2024-Q3] CI/CD Audit Story" + }, + { + "assignees": [ + "jjohannes" + ], + "content": { + "body": "**Description**:\r\n\r\n**Related issue(s)**:\r\n\r\n**Notes for reviewer**:\r\n\r\n\r\n**Checklist**\r\n\r\n- [ ] Documented (Code comments, README, etc.)\r\n- [ ] Tested (unit, integration, etc.)\r\n", + "number": 14026, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "feat: move Google protobuf generated code to test fixtures scope", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/14026" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgXNnsw", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Done", + "title": "feat: move Google protobuf generated code to test fixtures scope" + }, + { + "assignees": [ + "PavelSBorisov", + "andrewb1269hg" + ], + "content": { + "body": "We will need to implement semantic release within the hedera-cryptography repo to facilitate versioning.", + "number": 193, + "repository": "hashgraph/hedera-cryptography", + "title": "Implement semantic release", + "type": "Issue", + "url": "https://github.com/hashgraph/hedera-cryptography/issues/193" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgWK99c", + "iteration": { + "duration": 14, + "iterationId": "7d9d129f", + "startDate": "2025-02-11", + "title": "Iteration 10" + }, + "labels": [ + "Feature Enhancement", + "Release", + "github_actions", + "released", + "released on @193-implement-semantic-release" + ], + "linked pull requests": [ + "https://github.com/hashgraph/hedera-cryptography/pull/206", + "https://github.com/hashgraph/hedera-cryptography/pull/303" + ], + "priority": "P0", + "repository": "https://github.com/hashgraph/hedera-cryptography", + "status": "Done", + "target Need Date": "2025-02-10", + "title": "Implement semantic release" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "Add scope to package.json", + "number": 384, + "repository": "hashgraph/hedera-accelerator-defi-dex-ui", + "title": "chore: update package.json with scoped package name", + "type": "Issue", + "url": "https://github.com/hashgraph/hedera-accelerator-defi-dex-ui/issues/384" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgWPleI", + "iteration": { + "duration": 14, + "iterationId": "7d9d129f", + "startDate": "2025-02-11", + "title": "Iteration 10" + }, + "labels": [ + "Audit" + ], + "linked pull requests": [ + "https://github.com/hashgraph/hedera-accelerator-defi-dex-ui/pull/385" + ], + "repository": "https://github.com/hashgraph/hedera-accelerator-defi-dex-ui", + "status": "Done", + "title": "chore: update package.json with scoped package name" + }, + { + "assignees": [ + "jjohannes", + "tinker-michaelj" + ], + "content": { + "body": "Bumps `junit5` from 5.10.2 to 5.11.4.\nUpdates `org.junit.jupiter:junit-jupiter-api` from 5.10.2 to 5.11.4\n
\nRelease notes\n

Sourced from org.junit.jupiter:junit-jupiter-api's releases.

\n
\n

JUnit 5.11.4 = Platform 1.11.4 + Jupiter 5.11.4 + Vintage 5.11.4

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.3...r5.11.4

\n

JUnit 5.11.3 = Platform 1.11.3 + Jupiter 5.11.3 + Vintage 5.11.3

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.2...r5.11.3

\n

JUnit 5.11.2 = Platform 1.11.2 + Jupiter 5.11.2 + Vintage 5.11.2

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.1...r5.11.2

\n

JUnit 5.11.1 = Platform 1.11.1 + Jupiter 5.11.1 + Vintage 5.11.1

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.0...r5.11.1

\n

JUnit 5.11.0 = Platform 1.11.0 + Jupiter 5.11.0 + Vintage 5.11.0

\n

See Release Notes.

\n

New Contributors

\n\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.10.3...r5.11.0

\n

JUnit 5.11.0-RC1 = Platform 1.11.0-RC1 + Jupiter 5.11.0-RC1 + Vintage 5.11.0-RC1

\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • 6430ba4 Release 5.11.4
    • \n
  • d093121 Finalize 5.11.4 release notes
    • \n
  • 0444353 Fix Maven integration tests on JDK 24
    • \n
  • b5c7f4e Move #4153 to 5.11.4 release notes
    • \n
  • b20c4e2 Ensure the XMLStreamWriter is closed after use
    • \n
  • 6376f0a Configure Git username and email
    • \n
  • 2b485c4 Set reference repo URI
    • \n
  • 500b5a0 Inject username and password via new DSL
    • \n
  • d671961 Update plugin gitPublish to v5
    • \n
  • 3d11279 Add JAVA_25 to JRE enum
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\nUpdates `org.junit.jupiter:junit-jupiter-engine` from 5.10.2 to 5.11.4\n
\nRelease notes\n

Sourced from org.junit.jupiter:junit-jupiter-engine's releases.

\n
\n

JUnit 5.11.4 = Platform 1.11.4 + Jupiter 5.11.4 + Vintage 5.11.4

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.3...r5.11.4

\n

JUnit 5.11.3 = Platform 1.11.3 + Jupiter 5.11.3 + Vintage 5.11.3

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.2...r5.11.3

\n

JUnit 5.11.2 = Platform 1.11.2 + Jupiter 5.11.2 + Vintage 5.11.2

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.1...r5.11.2

\n

JUnit 5.11.1 = Platform 1.11.1 + Jupiter 5.11.1 + Vintage 5.11.1

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.0...r5.11.1

\n

JUnit 5.11.0 = Platform 1.11.0 + Jupiter 5.11.0 + Vintage 5.11.0

\n

See Release Notes.

\n

New Contributors

\n\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.10.3...r5.11.0

\n

JUnit 5.11.0-RC1 = Platform 1.11.0-RC1 + Jupiter 5.11.0-RC1 + Vintage 5.11.0-RC1

\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • 6430ba4 Release 5.11.4
    • \n
  • d093121 Finalize 5.11.4 release notes
    • \n
  • 0444353 Fix Maven integration tests on JDK 24
    • \n
  • b5c7f4e Move #4153 to 5.11.4 release notes
    • \n
  • b20c4e2 Ensure the XMLStreamWriter is closed after use
    • \n
  • 6376f0a Configure Git username and email
    • \n
  • 2b485c4 Set reference repo URI
    • \n
  • 500b5a0 Inject username and password via new DSL
    • \n
  • d671961 Update plugin gitPublish to v5
    • \n
  • 3d11279 Add JAVA_25 to JRE enum
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n
\n\n> **Note**\n> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.", + "number": 17125, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "build(deps): bump junit5 from 5.10.2 to 5.12.0 in /hiero-dependency-versions", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17125" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgW5n2A", + "iteration": { + "duration": 14, + "iterationId": "7d9d129f", + "startDate": "2025-02-11", + "title": "Iteration 10" + }, + "labels": [ + "dependencies", + "Java" + ], + "milestone": { + "description": "", + "dueOn": "", + "title": "v0.61" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "reviewers": [ + "platform-ci", + "platform-ci-committers", + "rbarker-dev", + "hedera-services", + "hedera-smart-contracts-core", + "thomas-swirlds-labs", + "tinker-michaelj", + "github-maintainers", + "jjohannes" + ], + "status": "Blocked", + "title": "build(deps): bump junit5 from 5.10.2 to 5.12.0 in /hiero-dependency-versions" + }, + { + "assignees": [ + "jjohannes" + ], + "content": { + "body": "- Adjust all production code that still uses the `com.hederahashgraph.api.proto.java.*` classes to use the classes generated by PBJ. Remove all `requires com.google.protobuf;` from all modules.\n- Remove google-protobuf codegen from `hapi/hapi`. The project only generates code with PBJ after the change (by removing [this Gradle configuration](https://github.com/hiero-ledger/hiero-consensus-node/blob/bb014388a72daf292c708f2ffe5052b06f22d90d/hapi/hapi/build.gradle.kts#L24-L29)).\n- `hapi/hapi` **testFixtures** and **test** use `hapi/hedera-protobuf-java-api` for the tests that validate the PBJ and google-protobuf are compatible. ", + "number": 18102, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "Use PBJ-generated protobufs instead of google-protobuf-generated protobufs in all production code", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/18102" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgXzWXU", + "iteration": { + "duration": 14, + "iterationId": "803ae4c2", + "startDate": "2025-02-25", + "title": "Iteration 11" + }, + "linked pull requests": [ + "https://github.com/hiero-ledger/hiero-consensus-node/pull/18174" + ], + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Blocked", + "title": "Use PBJ-generated protobufs instead of google-protobuf-generated protobufs in all production code" + }, + { + "content": { + "body": "After https://github.com/hiero-ledger/hiero-consensus-node/pull/17737 is integrated, this repository should be archived.\n\nAll open issues and PRs can be closed.", + "number": 173, + "repository": "hashgraph/hedera-protobufs-java", + "title": "Archive Repository", + "type": "Issue", + "url": "https://github.com/hashgraph/hedera-protobufs-java/issues/173" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgXoJ3E", + "repository": "https://github.com/hashgraph/hedera-protobufs-java", + "status": "Ready", + "title": "Archive Repository" + }, + { + "assignees": [ + "jjohannes" + ], + "content": { + "body": "**Description**:\r\n\r\nSee: https://github.com/hiero-ledger/hiero-gradle-conventions/releases/tag/v0.3.3\r\n\r\n**Related issue(s)**:\r\n\r\nFixes required for:\r\n- https://github.com/hashgraph/hedera-services/pull/17670\r\n- https://github.com/hashgraph/hedera-services/pull/17210\r\n", + "number": 17674, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "build: bump hiero-gradle-conventions to 0.3.3 / Gradle to 8.12.1", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17674" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgW8r28", + "iteration": { + "duration": 14, + "iterationId": "88baf400", + "startDate": "2025-01-28", + "title": "Iteration 9" + }, + "milestone": { + "description": "", + "dueOn": "2025-01-24T00:00:00Z", + "title": "v0.59" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "reviewers": [ + "platform-ci", + "platform-ci-committers", + "andrewb1269hg", + "mishomihov00" + ], + "status": "Done", + "title": "build: bump hiero-gradle-conventions to 0.3.3 / Gradle to 8.12.1" + }, + { + "assignees": [ + "jjohannes" + ], + "content": { + "body": "**Description**:\r\n\r\nWhile we recently updated the runtime to the latest version, the compiler \u2013 protoc \u2013 stayed on a lower version. The versions should be aligned to the latest release. Which is what this PR is doing.\r\n\r\nNote that these version changes are not critical as long as the tests work. Google protobuf is not used in production. It is here to test that the PBJ generated code is compatible with Google protobuf.\r\n\r\nHistorically, some utility code lives in the production code and that is why Google protobuf is currently on the production classpath, although it is not used in production.\r\n\r\nOnce this update is done, I would like to get back to #14026, which is the attempt to move it out of production. We should re-evaluate how how much work it is now to finally do it.\r\n\r\n`GeneratedMessageV3` needs to be replaced with `GeneratedMessage`\r\nSee: https://protobuf.dev/news/v26/#breaking-compatibility-with-old-generated-code\r\n", + "number": 17662, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "build: consistently use protobuf '4.29.3'", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17662" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgW5iJw", + "iteration": { + "duration": 14, + "iterationId": "88baf400", + "startDate": "2025-01-28", + "title": "Iteration 9" + }, + "milestone": { + "description": "", + "dueOn": "2025-02-21T00:00:00Z", + "title": "v0.60" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "reviewers": [ + "platform-ci", + "platform-ci-committers", + "hedera-services", + "hedera-smart-contracts-core", + "andrewb1269hg", + "kimbor" + ], + "status": "Done", + "title": "build: consistently use protobuf '4.29.3'" + }, + { + "assignees": [ + "jjohannes" + ], + "content": { + "body": "Bumps `mockito` from 5.8.0 to 5.15.2.\nUpdates `org.mockito:mockito-core` from 5.8.0 to 5.15.2\n
\nRelease notes\n

Sourced from org.mockito:mockito-core's releases.

\n
\n

v5.15.2

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.2

\n\n

v5.15.1

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.1

\n\n

v5.15.0

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.0

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • e04dbbe Fix javadoc publication (#3561)
    • \n
  • 567c5b9 Bump org.assertj:assertj-core from 3.27.0 to 3.27.1 (#3560)
    • \n
  • 2c184c9 Introduce release convention plugin for Shipkit integration (#3533)
    • \n
  • 68c4285 Bump org.assertj:assertj-core from 3.26.3 to 3.27.0 (#3557)
    • \n
  • cd4704a Avoid warning when dynamic attach is enabled with JVM flag (#3551)
    • \n
  • 3731b6b Bump org.junit.platform:junit-platform-launcher from 1.11.3 to 1.11.4 (#3555)
    • \n
  • 29c9476 Bump junit-jupiter from 5.11.3 to 5.11.4 (#3554)
    • \n
  • dc0dc88 Bump bytebuddy from 1.15.10 to 1.15.11 (#3553)
    • \n
  • 2e7992b Bump com.google.googlejavaformat:google-java-format (#3545)
    • \n
  • 51ed33f Bump com.gradle.develocity from 3.18.2 to 3.19 (#3544)
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\nUpdates `org.mockito:mockito-junit-jupiter` from 5.8.0 to 5.15.2\n
\nRelease notes\n

Sourced from org.mockito:mockito-junit-jupiter's releases.

\n
\n

v5.15.2

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.2

\n\n

v5.15.1

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.1

\n\n

v5.15.0

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.0

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • e04dbbe Fix javadoc publication (#3561)
    • \n
  • 567c5b9 Bump org.assertj:assertj-core from 3.27.0 to 3.27.1 (#3560)
    • \n
  • 2c184c9 Introduce release convention plugin for Shipkit integration (#3533)
    • \n
  • 68c4285 Bump org.assertj:assertj-core from 3.26.3 to 3.27.0 (#3557)
    • \n
  • cd4704a Avoid warning when dynamic attach is enabled with JVM flag (#3551)
    • \n
  • 3731b6b Bump org.junit.platform:junit-platform-launcher from 1.11.3 to 1.11.4 (#3555)
    • \n
  • 29c9476 Bump junit-jupiter from 5.11.3 to 5.11.4 (#3554)
    • \n
  • dc0dc88 Bump bytebuddy from 1.15.10 to 1.15.11 (#3553)
    • \n
  • 2e7992b Bump com.google.googlejavaformat:google-java-format (#3545)
    • \n
  • 51ed33f Bump com.gradle.develocity from 3.18.2 to 3.19 (#3544)
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n
", + "number": 17242, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "build(deps): bump mockito from 5.8.0 to 5.15.2 in /hiero-dependency-versions", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17242" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgWy9Jo", + "iteration": { + "duration": 14, + "iterationId": "88baf400", + "startDate": "2025-01-28", + "title": "Iteration 9" + }, + "labels": [ + "dependencies", + "Java" + ], + "milestone": { + "description": "", + "dueOn": "2025-01-24T00:00:00Z", + "title": "v0.59" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "reviewers": [ + "platform-ci", + "platform-ci-committers", + "rbarker-dev", + "mishomihov00" + ], + "status": "Done", + "title": "build(deps): bump mockito from 5.8.0 to 5.15.2 in /hiero-dependency-versions" + }, + { + "assignees": [ + "jjohannes" + ], + "content": { + "body": "Bumps `dagger` from 2.42 to 2.55.\nUpdates `com.google.dagger:dagger` from 2.42 to 2.55\n
\nRelease notes\n

Sourced from com.google.dagger:dagger's releases.

\n
\n

Dagger 2.55

\n

Notable/breaking changes

\n
    \n
  • Added support for injecting jakarta.inject.Provider. This should be usable anywhere javax.inject.Provider is usable. Note that this technically comes with a breaking change to disallow providing jakarta.inject.Provider types in the same way it is disallowed for javax.inject.Provider. (caa7e178b)
    • \n
  • Fixed a number of binding graph related issues.\nThese fixes can be enabled with, -Adagger.useBindingGraphFix=ENABLED, but due to this sometimes being a breaking change we\u2019ve set the default behavior to \u201cdisabled\u201d for now. We will flip the default to \u201cenabled\u201d in a future release, and eventually remove the flag altogether. Enabling this feature can fix a number of confusing error messages. See https://dagger.dev/dev-guide/compiler-options#useBindingGraphFix for more details.
    • \n
\n

Bug fixes

\n
    \n
  • Fixed #4549: Fixed incremental processing for LazyClassKey proguard files by adding the\noriginating element to the writeResource call. (98a027541)
    • \n
\n

Dagger 2.54

\n

Bug fixes

\n
    \n
  • Fixed #4303: Upgrade Hilt Gradle Plugin to support KSP2 configuration. (76b581999)
    • \n
  • Fixed #4544: Removes private from InstanceHolder field to avoid unnecessary accessor method. (07d8f883f)
    • \n
  • Fixed #4533: Fixes path separator for Windows when creating LazyClassKey proguard file. (efa421a3f)
    • \n
\n

Notable changes

\n
    \n
  • In preparation for jakarta support, Dagger\u2019s generated factories now include a create() method that uses dagger.internal.Provider rather than javax.inject.Provider. For now, the javax.inject.Provider create() method is also kept for compatibility, but it will be removed in a future release. When that happens, libraries built with the newer version of Dagger may break downstream users of @Component that are built with an older version of Dagger. (d60729d20)
    • \n
\n

Dagger 2.53.1

\n

Bug fixes

\n
    \n
  • Fixes #4525: Update kotlin-jvm-metadata to 2.0.21 to remove dependency on Beta version. (84d3aa5f1)
    • \n
  • Fixes #4526: Add the originating element in LazyMapKeyProxyGenerator. (5fd8ec1a3)
    • \n
\n

Dagger 2.53

\n

Potentially breaking changes:

\n

@Binds methods now requires explicit nullability

\n

New: @Binds methods must explicitly declare nullability (previously we tried to infer it from\nthe parameter). This change aligns the nullability behavior of @Binds with how nullability is\ntreated elsewhere in Dagger by requiring it to be explict at the request and declaration sites.\n(4941926c5)

\n

Suggested fix: If you get a failure due to this change, add the proper nullability to your @Binds method/parameter. For example:

\n
@Module\ninterface MyModule {\n-    @Binds fun bindToNullableImpl(impl: FooImpl): Foo\n+    @Binds fun bindToNullableImpl(impl: FooImpl?): Foo?\n}\n
\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • 14ad560 2.55 release
    • \n
  • 7ca9977 Add binary compatibility validator to the Gradle projects
    • \n
  • 4cd83cb Add documentation for dagger.useBindingGraphFix compiler option.
    • \n
  • 8b4f9b6 Add maven publish plugin to Gradle projects.
    • \n
  • 9daa0ae Wire resource configuration while keeping the Bazel project structure.
    • \n
  • 3418609 Move JDK toolchain, Kotlin language and JVM target configuration to conventio...
    • \n
  • 0927b9a Add flag to control LegacyBindingGraphFactory usage.
    • \n
  • 1620e92 Add Github CI step and action for building with Gradle
    • \n
  • c43783a Initial setup of Gradle as a build system for Dagger
    • \n
  • 98a0275 Fix LazyClassKey proguard file issues.
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\nUpdates `com.google.dagger:dagger-compiler` from 2.42 to 2.55\n
\nRelease notes\n

Sourced from com.google.dagger:dagger-compiler's releases.

\n
\n

Dagger 2.55

\n

Notable/breaking changes

\n
    \n
  • Added support for injecting jakarta.inject.Provider. This should be usable anywhere javax.inject.Provider is usable. Note that this technically comes with a breaking change to disallow providing jakarta.inject.Provider types in the same way it is disallowed for javax.inject.Provider. (caa7e178b)
    • \n
  • Fixed a number of binding graph related issues.\nThese fixes can be enabled with, -Adagger.useBindingGraphFix=ENABLED, but due to this sometimes being a breaking change we\u2019ve set the default behavior to \u201cdisabled\u201d for now. We will flip the default to \u201cenabled\u201d in a future release, and eventually remove the flag altogether. Enabling this feature can fix a number of confusing error messages. See https://dagger.dev/dev-guide/compiler-options#useBindingGraphFix for more details.
    • \n
\n

Bug fixes

\n
    \n
  • Fixed #4549: Fixed incremental processing for LazyClassKey proguard files by adding the\noriginating element to the writeResource call. (98a027541)
    • \n
\n

Dagger 2.54

\n

Bug fixes

\n
    \n
  • Fixed #4303: Upgrade Hilt Gradle Plugin to support KSP2 configuration. (76b581999)
    • \n
  • Fixed #4544: Removes private from InstanceHolder field to avoid unnecessary accessor method. (07d8f883f)
    • \n
  • Fixed #4533: Fixes path separator for Windows when creating LazyClassKey proguard file. (efa421a3f)
    • \n
\n

Notable changes

\n
    \n
  • In preparation for jakarta support, Dagger\u2019s generated factories now include a create() method that uses dagger.internal.Provider rather than javax.inject.Provider. For now, the javax.inject.Provider create() method is also kept for compatibility, but it will be removed in a future release. When that happens, libraries built with the newer version of Dagger may break downstream users of @Component that are built with an older version of Dagger. (d60729d20)
    • \n
\n

Dagger 2.53.1

\n

Bug fixes

\n
    \n
  • Fixes #4525: Update kotlin-jvm-metadata to 2.0.21 to remove dependency on Beta version. (84d3aa5f1)
    • \n
  • Fixes #4526: Add the originating element in LazyMapKeyProxyGenerator. (5fd8ec1a3)
    • \n
\n

Dagger 2.53

\n

Potentially breaking changes:

\n

@Binds methods now requires explicit nullability

\n

New: @Binds methods must explicitly declare nullability (previously we tried to infer it from\nthe parameter). This change aligns the nullability behavior of @Binds with how nullability is\ntreated elsewhere in Dagger by requiring it to be explict at the request and declaration sites.\n(4941926c5)

\n

Suggested fix: If you get a failure due to this change, add the proper nullability to your @Binds method/parameter. For example:

\n
@Module\ninterface MyModule {\n-    @Binds fun bindToNullableImpl(impl: FooImpl): Foo\n+    @Binds fun bindToNullableImpl(impl: FooImpl?): Foo?\n}\n
\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • 14ad560 2.55 release
    • \n
  • 7ca9977 Add binary compatibility validator to the Gradle projects
    • \n
  • 4cd83cb Add documentation for dagger.useBindingGraphFix compiler option.
    • \n
  • 8b4f9b6 Add maven publish plugin to Gradle projects.
    • \n
  • 9daa0ae Wire resource configuration while keeping the Bazel project structure.
    • \n
  • 3418609 Move JDK toolchain, Kotlin language and JVM target configuration to conventio...
    • \n
  • 0927b9a Add flag to control LegacyBindingGraphFactory usage.
    • \n
  • 1620e92 Add Github CI step and action for building with Gradle
    • \n
  • c43783a Initial setup of Gradle as a build system for Dagger
    • \n
  • 98a0275 Fix LazyClassKey proguard file issues.
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n
", + "number": 17378, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "build(deps): bump dagger from 2.42 to 2.55 in /hiero-dependency-versions", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17378" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgWV7Lg", + "iteration": { + "duration": 14, + "iterationId": "88baf400", + "startDate": "2025-01-28", + "title": "Iteration 9" + }, + "labels": [ + "dependencies", + "Java" + ], + "milestone": { + "description": "", + "dueOn": "2025-01-24T00:00:00Z", + "title": "v0.59" + }, + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "reviewers": [ + "platform-ci", + "platform-ci-committers", + "hedera-services", + "hedera-smart-contracts-core", + "netopyr", + "tinker-michaelj", + "mishomihov00" + ], + "status": "Done", + "title": "build(deps): bump dagger from 2.42 to 2.55 in /hiero-dependency-versions" + }, + { + "assignees": [ + "andrewb1269hg" + ], + "content": { + "body": "**Description**:\r\nThe purpose of this PR is to create two workflows:\r\n\r\n`increment-next-main-release.yaml` will increment the `version.txt` file to the next minor release (Ex: 0.58.x --> 0.59.0). This will be used when a release is complete and we are working on a new release version.\r\n\r\n`flow-trigger-release.yaml` will apply a version tag using the `git-semver` tool with appropriate semantic release versioning, trigger our workflows for a release, and generate the release notes in a markdown format.\r\n\r\n**Related issue(s)**:\r\n\r\nFixes #14967 \r\n\r\n**Notes for reviewer**:\r\n\r\n\r\n**Checklist**\r\n\r\n- [x] Documented (Code comments, README, etc.) - Roger has created documentation about the process we're transitioning to for release process of 0.59 and onwards.\r\n- [x] Tested (unit, integration, etc.) - Extensively tested. The latest for action results can be found here for [incrementing the minor version number](https://github.com/hashgraph/hedera-services/actions/workflows/zxf-version-roll.yaml). The latest action results can be found here for [triggering the official release process](https://github.com/hashgraph/hedera-services/actions/workflows/flow-trigger-release.yaml).\r\n- [x] Test Procedure Documentation captured [here in Notion](https://www.notion.so/swirldslabs/hedera-services-Semantic-Release-18c7c9ab2591806bb0bfdd363477b7f5?pvs=4)\r\n", + "number": 17440, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "ci: implement semantic release process", + "type": "PullRequest", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17440" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgWjU9E", + "iteration": { + "duration": 14, + "iterationId": "7d9d129f", + "startDate": "2025-02-11", + "title": "Iteration 10" + }, + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "2025-01-24T00:00:00Z", + "title": "v0.59" + }, + "priority": "P0", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "reviewers": [ + "nathanklick", + "rbarker-dev", + "platform-ci", + "platform-ci-committers", + "release-engineering-managers", + "github-maintainers", + "nathanklick" + ], + "size": "M", + "status": "Done", + "title": "ci: implement semantic release process" + }, + { + "assignees": [ + "rbarker-dev", + "andrewb1269hg" + ], + "content": { + "body": "", + "number": 16412, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "Use solo to provision ephemeral environments running on latitude", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16412" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgUfQlI", + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "2025-01-24T00:00:00Z", + "title": "v0.59" + }, + "priority": "P0", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Backlog", + "title": "Use solo to provision ephemeral environments running on latitude" + }, + { + "assignees": [ + "rbarker-dev", + "andrewb1269hg" + ], + "content": { + "body": "", + "number": 16413, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "Update grafana metric & log labels to use standardized conventions", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16413" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgUfQl4", + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "2025-01-24T00:00:00Z", + "title": "v0.59" + }, + "priority": "P0", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Backlog", + "title": "Update grafana metric & log labels to use standardized conventions" + }, + { + "assignees": [ + "rbarker-dev", + "andrewb1269hg" + ], + "content": { + "body": "", + "number": 16414, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "Pass necessary information on metrics & logs to grafana", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16414" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgUfQmY", + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "2025-01-24T00:00:00Z", + "title": "v0.59" + }, + "priority": "P0", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Backlog", + "title": "Pass necessary information on metrics & logs to grafana" + }, + { + "assignees": [ + "rbarker-dev", + "andrewb1269hg" + ], + "content": { + "body": "- Enhance existing pipelines and ensure full support for build, test, and release workflows\r\n- Add support for publishing OCI compliant container images", + "number": 16415, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "Ensure performance testing is running (Tom's perf test)", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16415" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgUfQmw", + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "2025-01-24T00:00:00Z", + "title": "v0.59" + }, + "priority": "P0", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Backlog", + "title": "Ensure performance testing is running (Tom's perf test)" + }, + { + "assignees": [ + "rbarker-dev", + "andrewb1269hg" + ], + "content": { + "body": "- Add support for metric emission via a Prometheus compatible scrape endpoint\r\n- Ensure log output is Loki compatible\r\n- CI Pipelines:\r\n - Add build, test, and release pipelines to Oleg's test suite repository\r\n - Add support for publishing an OCI compliant container image", + "number": 16416, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "Ensure Oleg's testing is running", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16416" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgUfQnI", + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "2025-01-24T00:00:00Z", + "title": "v0.59" + }, + "priority": "P0", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Backlog", + "title": "Ensure Oleg's testing is running" + }, + { + "assignees": [ + "rbarker-dev" + ], + "content": { + "body": "", + "number": 16384, + "repository": "hiero-ledger/hiero-consensus-node", + "title": "New user controlled workflow for promoting to single day longevity tests", + "type": "Issue", + "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16384" + }, + "id": "PVTI_lADOAdkRTM4Ak5MizgUbl80", + "labels": [ + "github_actions" + ], + "milestone": { + "description": "", + "dueOn": "2025-01-24T00:00:00Z", + "title": "v0.59" + }, + "priority": "P0", + "repository": "https://github.com/hiero-ledger/hiero-consensus-node", + "status": "Backlog", + "target Need Date": "2024-11-26", + "title": "New user controlled workflow for promoting to single day longevity tests" + } +] \ No newline at end of file diff --git a/templates/kaban_board.html b/templates/kaban_board.html index dd42be2..4d35c35 100644 --- a/templates/kaban_board.html +++ b/templates/kaban_board.html @@ -59,56 +59,65 @@

{{ title }}

- + {% for status in statuses %} -
-
-
{{ status }}
+
+
+
{{ status }}
- {% for task in tasks if task.status == status %} - {% set card_id = "card-" ~ status | lower | replace(" ", "-") ~ "-" ~ loop.index0 %} + {% for task in tasks if task.status == status %} + {% set card_id = "card-" ~ status | lower | replace(" ", "-") ~ "-" ~ loop.index0 %} -
-
- - (#{{ task.content.number }}) - -
-
-
- - 📦 Repository: - - {{ task.content.repository }} - - +
+
+ + 🟢 #{{ task.content.number }} + +
-
👤 Assignee: {{ task.assignees | join(', ') }}
-
🏷️ Labels: {{ task.labels | join(', ') }}
-
📌 Status: {{ task.status }}
-
- View Issue +
+
+ + 📦 Repository: + + {{ task.content.repository }} + + +
+
+ + 👤 Assignee: + {{ task.assignees | join(', ') }} + +
+
+ + 🏷️ Labels: + {{ task.labels | join(', ') }} + +
+ {% endfor %}
- {% endfor %}
-
{% endfor %}
-
+
@@ -126,10 +135,22 @@

{{ title }}

// Iterate over all the cards kanbanCards.forEach(function(card) { // Get the card's title, issue number, and other text content to check if it matches the query - const title = card.querySelector('.d-flex .text-dark').textContent.toLowerCase(); - const issueNumber = card.querySelector('.d-flex .text-primary').textContent.toLowerCase(); - const repository = card.querySelector('.text-muted') ? card.querySelector('.text-muted').textContent.toLowerCase() : ''; - const assignee = card.querySelector('.d-flex .assignee') ? card.querySelector('.d-flex .assignee').textContent.toLowerCase() : ''; + const titleElement = card.querySelector('.text-dark'); + const issueNumberElement = card.querySelector('.text-primary'); + const repositoryElement = card.querySelector('.repo-name'); + const assigneeElement = card.querySelector('.assignee'); + const labelsElement = card.querySelector('.labels'); + + const title = titleElement ? titleElement.textContent.toLowerCase() : ''; + const issueNumber = issueNumberElement ? issueNumberElement.textContent.toLowerCase() : ''; + const repository = repositoryElement ? repositoryElement.textContent.toLowerCase() : ''; + const assignee = assigneeElement ? assigneeElement.textContent.toLowerCase() : ''; + const labels = labelsElement ? labelsElement.textContent.toLowerCase() : ''; + + // console.log("Title: " + title) + // console.log("Issue: " + issueNumber) + // console.log("Repository: " + repository) + // console.log("Assignee: " + assignee) // Check if the query matches any part of the task (title, issue number, repository, assignee) const matches = title.includes(query) || issueNumber.includes(query) || repository.includes(query) || assignee.includes(query); From 340e2d1a57186ccff51d0ef74eea39f8a37e3b3e Mon Sep 17 00:00:00 2001 From: Diogo Pereira Date: Thu, 1 May 2025 10:51:53 -0700 Subject: [PATCH 2/2] Deleted output.projects.json from repo Signed-off-by: Diogo Pereira --- .gitignore | 2 +- output.projects.json | 1773 ------------------------------------------ 2 files changed, 1 insertion(+), 1774 deletions(-) delete mode 100644 output.projects.json diff --git a/.gitignore b/.gitignore index df0a1b4..8e05df5 100644 --- a/.gitignore +++ b/.gitignore @@ -178,4 +178,4 @@ cython_debug/ **/**.DS_Store _site/* !_site/.gitkeep - +output.projects.json diff --git a/output.projects.json b/output.projects.json deleted file mode 100644 index 08704b6..0000000 --- a/output.projects.json +++ /dev/null @@ -1,1773 +0,0 @@ -[ - { - "assignees": [ - "rbarker-dev", - "andrewb1269hg" - ], - "content": { - "body": "This effort will be worked as part of CITR Phase 2.", - "number": 16411, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "Update workflows to grab latest passing tagged build from XTS results", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16411" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYZd2I", - "iteration": { - "duration": 14, - "iterationId": "bac11ae8", - "startDate": "2025-03-11", - "title": "Iteration 12" - }, - "labels": [ - "github_actions" - ], - "priority": "P0", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Ready", - "title": "Update workflows to grab latest passing tagged build from XTS results" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "**Details**:\r\nRemoves `if: {{ false }}` condition on snyk monitor job\r\n", - "number": 18142, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "chore: Re-enable Snyk Monitor job", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/18142" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX32mg", - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "2025-02-21T00:00:00Z", - "title": "v0.60" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "reviewers": [ - "github-maintainers" - ], - "status": "Done", - "title": "chore: Re-enable Snyk Monitor job" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "", - "number": 769, - "repository": "hiero-ledger/hiero-block-node", - "title": "Change Ubuntu 20.04 to latest instances", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-block-node/issues/769" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX7Hdk", - "labels": [ - "github_actions" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/hiero-block-node/pull/770" - ], - "milestone": { - "description": "", - "dueOn": "2025-03-04T00:00:00Z", - "title": "0.6.0" - }, - "repository": "https://github.com/hiero-ledger/hiero-block-node", - "status": "Done", - "title": "Change Ubuntu 20.04 to latest instances" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "**Description**:\r\nUpdate version of Ubuntu in the verify-artifacts job to be 24.04 and 22.04 instead of 22.04 and 20.04\r\n\r\n**Related Issue(s)**:\r\nFixes #769 \r\n", - "number": 770, - "repository": "hiero-ledger/hiero-block-node", - "title": "ci: Update ubuntu runners to 24.04 and 22.04", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-block-node/pull/770" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX7ICc", - "labels": [ - "dependencies", - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "2025-03-04T00:00:00Z", - "title": "0.6.0" - }, - "repository": "https://github.com/hiero-ledger/hiero-block-node", - "reviewers": [ - "github-maintainers" - ], - "status": "Done", - "title": "ci: Update ubuntu runners to 24.04 and 22.04" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "**Description**:\r\n\r\nCherry picks fix from main to update ubuntu runners in gradle determinism to use 22.04/24.04 instead of 20.04/22.04\r\n(cherry picked from commit 0a994c1c91ac9cb8779e85c19abe8ca2f0e428d3)\r\n\r\n**Related issue(s)**:\r\n\r\nFixes #18180 \r\n\r\n\r\n", - "number": 18181, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "ci: update ubuntu version to 24.04 and 22.04", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/18181" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX7bYs", - "labels": [ - "Release" - ], - "milestone": { - "description": "", - "dueOn": "2025-02-21T00:00:00Z", - "title": "v0.60" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "reviewers": [ - "github-maintainers" - ], - "status": "Done", - "title": "ci: update ubuntu version to 24.04 and 22.04" - }, - { - "assignees": [ - "mhess-swl", - "rbarker-dev" - ], - "content": { - "body": "### Background\n\n#17742 added a codepath for ISS occurrences in the blockstream code. A new hapi test was also added with a `@Disabled` annotation. This ticket is for capturing the work needed to make it run as a PR check in CI. \n\n### Acceptance Criteria\n\n- The `IssHandlingTestSuite` runs as a separate PR check on all consensus node PRs\n\n### Dependencies\n\n- Configuration from the platform CI team\n\n### Definition of Ready (DoR) Checklist\n\n- [x] Clear acceptance criteria\n- [ ] Clear and detailed description\n- [x] Dependencies identified\n- [x] Links to documentation\n- [x] Should be completable in 2-3 Days\n- [ ] Initial draft of Low-level design document \u2013 N/A\n- [ ] At least high level test plan \u2013 N/A\n- [ ] Groomed/Estimated\n\n### Definition of Done (DoD) Checklist\n\n- [x] Acceptance Criteria complete\n- [x] No Codacy issues greater than minor (in new code)\n- [x] JavaDocs updated/created \u2013 N/A\n- [x] Code commented \u2013 N/A\n- [ ] Unit tests created/updated \u2013 N/A\n- [ ] 80% test code coverage (in new code) \u2013 N/A\n- [x] Happy Path and major negative cases in HAPI tests as applicable", - "number": 18198, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "Add ISS test to CI", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/18198" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX97Us", - "linked pull requests": [ - "https://github.com/hiero-ledger/hiero-consensus-node/pull/18204" - ], - "milestone": { - "description": "", - "dueOn": "", - "title": "v0.61" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Done", - "title": "Add ISS test to CI" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "**Description**:\r\n\r\nEnables hapi-iss-tests to run as part of Standard PR Checks Adds hapi-iss-tests to build-application workflow-dispatch triggers Enables the IssHandlingTestSuite\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #18198", - "number": 18204, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "ci: Enable IssHandlingTestSuite in CI PR Checks", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/18204" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX99XY", - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "", - "title": "v0.61" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "reviewers": [ - "github-maintainers", - "mhess-swl", - "andrewb1269hg" - ], - "status": "Done", - "title": "ci: Enable IssHandlingTestSuite in CI PR Checks" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "**Description**:\r\n\r\nAdds user @akdev to hcn-execution-committers\r\n\r\n", - "number": 146, - "repository": "hiero-ledger/governance", - "title": "chore: add user akdev to hcn-execution-committers", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/governance/pull/146" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX-BQ4", - "labels": [ - "help wanted" - ], - "repository": "https://github.com/hiero-ledger/governance", - "reviewers": [ - "netopyr", - "tinker-michaelj", - "Neeharika-Sompalli" - ], - "status": "Done", - "title": "chore: add user akdev to hcn-execution-committers" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "**Description**:\r\n\r\nPer [RESD-111](https://swirldslabs.atlassian.net/browse/RESD-111)\r\n\r\n- [x] Add team `hcn-execution-internal-contributors`\r\n- [x] Add user: elpinkypie to this team\n- [x] Add user: akdev to this team\r\n- [x] Add team to hiero-consensus-node with `triage` permission\r\n\r\n", - "number": 147, - "repository": "hiero-ledger/governance", - "title": "chore: Add team hcn-execution-internal-contributors", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/governance/pull/147" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX-EHI", - "repository": "https://github.com/hiero-ledger/governance", - "reviewers": [ - "netopyr", - "nathanklick" - ], - "status": "Done", - "title": "chore: Add team hcn-execution-internal-contributors" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "- Collect unit test artifacts by the build application workflow on push to develop and store as build artifacts\n- Pull in unit test artifacts into XTS run\n- Collect unit test artifacts on XTS run\n- Aggregate test artifacts and store as build artifacts on XTS\n- Publish all artifacts (commit merged by pull request AND XTS to codacy)", - "number": 16729, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "CITR Phase 1: Aggregate Unit Test Logs", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16729" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX-MfA", - "iteration": { - "duration": 14, - "iterationId": "bac11ae8", - "startDate": "2025-03-11", - "title": "Iteration 12" - }, - "labels": [ - "github_actions" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/hiero-consensus-node/pull/16895" - ], - "milestone": { - "description": "", - "dueOn": "", - "title": "v0.61" - }, - "priority": "P2", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Backlog", - "title": "CITR Phase 1: Aggregate Unit Test Logs" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "RESD-80 Jira ticket for reference.\n", - "number": 148, - "repository": "hiero-ledger/governance", - "title": "chore: move Pavel to github-maintainers", - "type": "Issue", - "url": "https://github.com/hiero-ledger/governance/issues/148" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX-QaI", - "labels": [ - "documentation" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/governance/pull/149" - ], - "repository": "https://github.com/hiero-ledger/governance", - "status": "Done", - "title": "chore: move Pavel to github-maintainers" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "**Description**:\r\n\r\nAdd Pavel to github-maintainers group\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #148\r\n", - "number": 149, - "repository": "hiero-ledger/governance", - "title": "chore: add Pavel to github-maintainers group", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/governance/pull/149" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX-QmU", - "labels": [ - "documentation" - ], - "repository": "https://github.com/hiero-ledger/governance", - "reviewers": [ - "nathanklick", - "rbarker-dev" - ], - "status": "Done", - "title": "chore: add Pavel to github-maintainers group" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "Investigate the github firehose app integration into Slack. This will allow the @hiero-ledger/github-maintainers group to direct all issues into a Slack channel to triage and be aware of.\n\nNote this story is for investigation only. Future stories will be developed for implementing the app.", - "number": 18206, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "ci: investigate github firehose integration with Slack", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/18206" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX-Rho", - "iteration": { - "duration": 14, - "iterationId": "bac11ae8", - "startDate": "2025-03-11", - "title": "Iteration 12" - }, - "labels": [ - "github_actions" - ], - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Done", - "title": "ci: investigate github firehose integration with Slack" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "Per LFDT requirements each repository should have a single maintainers group to ensure a 2/3rds quorum for voting members into committer/contributor roles.\r\n", - "number": 151, - "repository": "hiero-ledger/governance", - "title": "chore: Consolidate hiero-consensus-node maintainers into a single group", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/governance/pull/151" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYBkrA", - "repository": "https://github.com/hiero-ledger/governance", - "reviewers": [ - "nathanklick", - "hendrikebbers", - "andrewb1269hg" - ], - "status": "Done", - "title": "chore: Consolidate hiero-consensus-node maintainers into a single group" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "As outlined in [Jira Ticket RESD-136](https://swirldslabs.atlassian.net/jira/servicedesk/projects/RESD/queues/custom/159/RESD-136), move Tim from consensus group to execution group via a PR and obtain appropriate votes as approvals.", - "number": 153, - "repository": "hiero-ledger/governance", - "title": "chore: Move Tim Farber-Newman (timfn-hg) from consensus to execution team", - "type": "Issue", - "url": "https://github.com/hiero-ledger/governance/issues/153" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYG83o", - "labels": [ - "documentation" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/governance/pull/154" - ], - "repository": "https://github.com/hiero-ledger/governance", - "status": "New", - "title": "chore: Move Tim Farber-Newman (timfn-hg) from consensus to execution team" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "Made updates on main as part of PR: https://github.com/hiero-ledger/hiero-consensus-node/pull/18178", - "number": 18180, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "Cherry pick change to use ubuntu 22.04/24.04 instead of 20.04/22.04", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/18180" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgX7a7w", - "labels": [ - "Release" - ], - "milestone": { - "description": "", - "dueOn": "2025-02-21T00:00:00Z", - "title": "v0.60" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "New", - "title": "Cherry pick change to use ubuntu 22.04/24.04 instead of 20.04/22.04" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "Publish release notes generated during the release process as an artifact. We can update future workflows to pull these artifacts in from the official release process.", - "number": 18259, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "ci: publish release notes as artifacts", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/18259" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYHM9Y", - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "", - "title": "v0.61" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "New", - "title": "ci: publish release notes as artifacts" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "Update the pull request triggers for smoke tests, e2e tests, and gradle PR checks\n\n```\n pull_request:\n types:\n - opened\n - reopened\n - synchronize\n ```", - "number": 833, - "repository": "hiero-ledger/hiero-block-node", - "title": "fix pull request triggers", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-block-node/issues/833" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYO7lw", - "labels": [ - "github_actions" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/hiero-block-node/pull/834" - ], - "milestone": { - "description": "", - "dueOn": "2025-03-04T00:00:00Z", - "title": "0.6.0" - }, - "repository": "https://github.com/hiero-ledger/hiero-block-node", - "status": "Done", - "title": "fix pull request triggers" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "**Description**:\r\n\r\n- update e2e-tests.yml, smoke-test.yml, and pr-checks.yml `on`-triggers to use pull_request: types per standard pull_request triggers.\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #833\r\n", - "number": 834, - "repository": "hiero-ledger/hiero-block-node", - "title": "ci: Fix triggers for e2e-tests, smoke-test, and pr-checks", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-block-node/pull/834" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYO9Js", - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "2025-03-04T00:00:00Z", - "title": "0.6.0" - }, - "repository": "https://github.com/hiero-ledger/hiero-block-node", - "reviewers": [ - "github-maintainers", - "nathanklick", - "AlfredoG87", - "andrewb1269hg" - ], - "status": "Done", - "title": "ci: Fix triggers for e2e-tests, smoke-test, and pr-checks" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "Add `hiero-mirror-node-explorer` repo to the `config.yaml` file with appropriate permissions.", - "number": 158, - "repository": "hiero-ledger/governance", - "title": "chore: add hiero-mirror-node-explorer repo and groups.", - "type": "Issue", - "url": "https://github.com/hiero-ledger/governance/issues/158" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYRsS0", - "labels": [ - "documentation" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/governance/pull/159" - ], - "repository": "https://github.com/hiero-ledger/governance", - "status": "Done", - "title": "chore: add hiero-mirror-node-explorer repo and groups." - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "**Description**:\r\n\r\nCreate the hiero-mirror-node-explorer repo with appropriate permissions.\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #158\r\n", - "number": 159, - "repository": "hiero-ledger/governance", - "title": "chore: create hiero-mirror-node-explorer repo", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/governance/pull/159" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYRtTE", - "labels": [ - "documentation" - ], - "repository": "https://github.com/hiero-ledger/governance", - "reviewers": [ - "rbarker-dev" - ], - "status": "Done", - "title": "chore: create hiero-mirror-node-explorer repo" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "Add automation user to the MNE repo.", - "number": 163, - "repository": "hiero-ledger/governance", - "title": "chore: add automation user to the MNE repo", - "type": "Issue", - "url": "https://github.com/hiero-ledger/governance/issues/163" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYTMJg", - "labels": [ - "documentation" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/governance/pull/164" - ], - "repository": "https://github.com/hiero-ledger/governance", - "status": "Done", - "title": "chore: add automation user to the MNE repo" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "**Description**:\r\n\r\nAdd hiero-automation user to the MNE repo.\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #163\r\n", - "number": 164, - "repository": "hiero-ledger/governance", - "title": "chore: add hiero automation user to MNE", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/governance/pull/164" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYTMUk", - "labels": [ - "documentation" - ], - "repository": "https://github.com/hiero-ledger/governance", - "reviewers": [ - "rbarker-dev" - ], - "status": "Done", - "title": "chore: add hiero automation user to MNE" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "**Description**:\r\n\r\nUpdate the transfer.md file to reflect completed transfer of the `hiero-ledger/hiero-mirror-node-explorer` repo.", - "number": 62, - "repository": "hiero-ledger/hiero", - "title": "chore: update hiero-mirror-node-explorer repo for move", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero/pull/62" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYTOls", - "labels": [ - "documentation" - ], - "repository": "https://github.com/hiero-ledger/hiero", - "reviewers": [ - "rbarker-dev" - ], - "status": "Done", - "title": "chore: update hiero-mirror-node-explorer repo for move" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "**Description**:\r\n\r\n- Updates the deployment values and registries for GHCR to point at hiero-ledger/hiero-mirror-node\r\n- Updates docker config\r\n- Updates helm chart config\r\n- Updates helm templates\r\n\r\n**Related Issue(s)**:\r\n\r\nRelates to #1581\r\n", - "number": 1740, - "repository": "hiero-ledger/hiero-mirror-node-explorer", - "title": "chore: Update workflows and deployments for MNE", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-mirror-node-explorer/pull/1740" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYTQ3I", - "labels": [ - "github_actions" - ], - "repository": "https://github.com/hiero-ledger/hiero-mirror-node-explorer", - "reviewers": [ - "github-maintainers", - "hiero-mirror-node-explorer-maintainers", - "nathanklick", - "svienot", - "ericleponner", - "andrewb1269hg" - ], - "status": "Done", - "title": "chore: Update workflows and deployments for MNE" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "Add the following files to the CODEOWNERS file for tracking:\n\n```\ndocker-compose.yml\n\npackage.json\n\nsonar-project.properties\n```", - "number": 1741, - "repository": "hiero-ledger/hiero-mirror-node-explorer", - "title": "chore: add files to CODEOWNERS file", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-mirror-node-explorer/issues/1741" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYTRXE", - "labels": [ - "github_actions" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/hiero-mirror-node-explorer/pull/1742" - ], - "repository": "https://github.com/hiero-ledger/hiero-mirror-node-explorer", - "status": "Done", - "title": "chore: add files to CODEOWNERS file" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "**Description**:\r\n\r\nAdd 3 new files to CODEOWNERS file.\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #1741\r\n", - "number": 1742, - "repository": "hiero-ledger/hiero-mirror-node-explorer", - "title": "chore: add new files to CODEOWNERS", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-mirror-node-explorer/pull/1742" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYTRmY", - "labels": [ - "github_actions" - ], - "repository": "https://github.com/hiero-ledger/hiero-mirror-node-explorer", - "reviewers": [ - "github-maintainers" - ], - "status": "Done", - "title": "chore: add new files to CODEOWNERS" - }, - { - "assignees": [ - "nathanklick", - "rbarker-dev", - "andrewb1269hg" - ], - "content": { - "body": "Need to add tagging scheme for phase 2 work in CITR", - "number": 16409, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "Develop tagging scheme for SDPT -> SDLT promotion", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16409" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYZdpk", - "iteration": { - "duration": 14, - "iterationId": "bac11ae8", - "startDate": "2025-03-11", - "title": "Iteration 12" - }, - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "", - "title": "v0.61" - }, - "priority": "P0", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Backlog", - "title": "Develop tagging scheme for SDPT -> SDLT promotion" - }, - { - "content": { - "body": "Implement CodeQL in repo as identified in 2024 Q3 audit.", - "number": 981, - "repository": "hiero-ledger/hiero-local-node", - "title": "ci: implement CodeQL in repo", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-local-node/issues/981" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYdqEs", - "labels": [ - "github_actions" - ], - "repository": "https://github.com/hiero-ledger/hiero-local-node", - "status": "New", - "title": "ci: implement CodeQL in repo" - }, - { - "content": { - "body": "Implement Snyk in repo and configure. Identified as part of 2024 Q3 audit tasks.", - "number": 982, - "repository": "hiero-ledger/hiero-local-node", - "title": "ci: implement Snyk in repo", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-local-node/issues/982" - }, - "id": "PVTI_lADOCq2Q984AzKZJzgYdqIA", - "labels": [ - "github_actions" - ], - "repository": "https://github.com/hiero-ledger/hiero-local-node", - "status": "New", - "title": "ci: implement Snyk in repo" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "Create a new workflow to run hourly to sync branch names from `hiero-consensus-node` repository to `swirlds/swirlds-platform-regression` repository.", - "number": 4039, - "repository": "swirlds/swirlds-platform-regression", - "title": "ci: sync branch names from HCN", - "type": "Issue", - "url": "https://github.com/swirlds/swirlds-platform-regression/issues/4039" - }, - "id": "PVTI_lADOAcO5i84AzKZOzgX4bus", - "labels": [ - "github_actions" - ], - "repository": "https://github.com/swirlds/swirlds-platform-regression", - "status": "New", - "title": "ci: sync branch names from HCN" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "Merge the following workflows for custom property handling:\n\n- configure-custom-properties\n- read-all-custom-properties\n- update-custom-properties\nMerge these in from [here](https://github.com/PandasWhoCode/governance/tree/main/.github/workflows).\n\nInclude the following config files:\n`.github/properties_schema.json`\n`repo-properties.yaml`", - "number": 1, - "repository": "swirlds/governance", - "title": "chore: merge workflows for custom properties", - "type": "Issue", - "url": "https://github.com/swirlds/governance/issues/1" - }, - "id": "PVTI_lADOAcO5i84AzKZOzgZszn8", - "labels": [ - "documentation", - "enhancement" - ], - "linked pull requests": [ - "https://github.com/swirlds/governance/pull/2" - ], - "repository": "https://github.com/swirlds/governance", - "status": "Done", - "title": "chore: merge workflows for custom properties" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "**Description**:\r\n\r\nAdd 3 workflow files for handling custom properties. Add 2 supporting config files.\r\n\r\nThis PR adds workflow files and config files for handling custom properties inside the organization.\r\n\r\nThe `repo-properties.yaml` file holds the source of truth of all custom properties for all repos in the organization. There is a workflow called `update-custom-properties` that will call an action to update all custom properties in the organization to the latest in the `yaml` file.\r\n\r\nThere is a second workflow called `read-all-custom-properties`. This is used to generate the `repo-properties.yaml` file for the first time.\r\n\r\nThe third workflow is `configure-custom-properties`. This reads the `properties_schema.json` to create, modify, or remove custom properties at the organization level.\r\n\r\n**Related Issue(s)**:\r\n\r\nFixes #1 \r\n", - "number": 2, - "repository": "swirlds/governance", - "title": "chore: merge workflows for custom properties", - "type": "PullRequest", - "url": "https://github.com/swirlds/governance/pull/2" - }, - "id": "PVTI_lADOAcO5i84AzKZOzgZtiiQ", - "labels": [ - "documentation", - "enhancement" - ], - "repository": "https://github.com/swirlds/governance", - "reviewers": [ - "rbarker-dev" - ], - "status": "Done", - "title": "chore: merge workflows for custom properties" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "# CI/CD Repository Audit\n\n**Description**:\nPerform repository audit.\n\n**If there has not been a significant commit in the last year, add a note indicating so.**\n**Skip to `Acceptance Criteria` section at the bottom to complete close this issue.**\n\n# Administrative Audit Criteria\n\n### Actions State\nIf actions have not been run in the previous 6 months they should be disabled:\n- [ ] Actions are/have been disabled\n\nIf actions have run in the last 6 months then actions shall remain enabled:\n- [x] Actions are enabled\n\n## Settings Window\n### General Tab\n- [x] Require contributors to sign off on web-based commits\n\n#### Features Section:\n- [x] Disable Wiki\n - If it is in use, leave Wiki enabled. If not in use, remove functionality (uncheck Wiki option). Should be disabled whenever possible.\n- [x] Enable Issues\n- [ ] Enable Preserve this Repository\n- [x] Enable Discussions if repository is public\n- [x] Enable Projects\n \n#### Pull Requests Section:\n- [x] Enable Allow Squash Merging\n- [x] Enable Always suggest updating pull request branches\n- [x] Enable Automatically delete head branches\n \n#### Pushes Section:\n- [x] Pushes: Limit how many branches and tags can be updated in a single push (Default # is 5)\n\n### Collaborators and Teams Tab\n- [ ] Teams are assigned to the repository\n- [ ] Individual contributors that are part of assigned teams are removed from contributors list\n\n### Branches Tab\n- [x] Individual branch protections are turned off\n\n### Tags Tab\n- [x] Individual tag protections are turned off\n\n### Rules/Rulesets Tab\n- [x] The repository uses the current rulesets\n- [x] If appropriate, global rules are enabled/disabled for the repo\n\n### Actions Tab\n**If actions are enabled**:\n- [ ] Codecov is enabled on the repository\n- [x] Title check is enabled\n- [x] DCO check is enabled\n\n### Webhooks Tab\n- [x] All webhooks present are needed and in use\n- [ ] Snyk is enabled on the repo (check to see if the webhook exists and is in use)\n\n### Code Security Tab\n- [x] Dependabot is enabled on the repository\n\n### Secrets and Variables Tab\n- [x] GitHub secrets are employed to store sensitive data\n- [x] Tokens are stored securely as GitHub Secrets\n\n### GitHub Apps\n- [ ] Code Coverage Reporting\n- [ ] CodeQL is enabled on the repository\n- [ ] Codacy is enabled on the repository\n\n## App Integrations\n- [x] Dependabot is configured to monitor all relevant ecosystems (verify through `dependabot.yaml` file)\n - Link to [relevant ecosystems](https://docs.github.com/en/code-security/dependabot/ecosystems-supported-by-dependabot/supported-ecosystems-and-repositories)\n- [x] DCO-2 is configured as the DCO check\n\n## Code Formatting\n- [ ] NodeJS Projects use ESLint/Prettier formatting\n- [ ] Java Projects use Checkstyle/Spotless formatting\n- [ ] CPP Projects use Clang Tidy\n- [ ] Rust\n- [ ] Swift\n- [x] Go\n\n## CODEOWNERS\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n# Workflow Audit Criteria\n\n## Security Checks in Workflows\n- [x] Secrets Management In Workflow Files (`/.github/workflows/`)\n - [x] No hardcoded secrets in the workflow files or code\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unauthorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n - [ ] Use pinned versions of Docker files\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n\n## Workflow checks\n\n- [x] Appropriate permissions are set within the GitHub workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The step-security hardened security action is enabled on each workflow job\n - [ ] If the step-security dashboard reports action with score of <6, request a step-security version of the action\n\n## Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n## Other\n\n- [x] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [x] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met\n- [ ] Inactive Repo (>1 year since last significant commit)\n- [ ] Empty Repo\n\n## Custom Properties - Marking Complete\n\nUpdate the `repo-properties.json` file in the `ORG/governance` repository\n\n- [x] Custom properties: `initial-ci-review-by-team` is set\n- [x] Custom properties: `initial-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n*Note: assumes `ORG/governance` is a valid repository in the Github Organization being audited*\n", - "number": 1018, - "repository": "swirlds/swirlds-docker", - "title": "ci: [2025-Q2] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/swirlds/swirlds-docker/issues/1018" - }, - "id": "PVTI_lADOAcO5i84AzKZOzgZwKIc", - "labels": [ - "Audit" - ], - "priority": "P3", - "repository": "https://github.com/swirlds/swirlds-docker", - "status": "Done", - "title": "ci: [2025-Q2] CI/CD Audit Story" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "# CI/CD Repository Audit\n\n**Description**:\nPerform repository audit.\n\n**If there has not been a significant commit in the last year, add a note indicating so.**\n**Skip to `Acceptance Criteria` section at the bottom to complete close this issue.**\n\n# Administrative Audit Criteria\n\n### Actions State\nIf actions have not been run in the previous 6 months they should be disabled:\n- [ ] Actions are/have been disabled\n\nIf actions have run in the last 6 months then actions shall remain enabled:\n- [ ] Actions are enabled\n\n## Settings Window\n### General Tab\n- [ ] Require contributors to sign off on web-based commits\n\n#### Features Section:\n- [ ] Disable Wiki\n - If it is in use, leave Wiki enabled. If not in use, remove functionality (uncheck Wiki option). Should be disabled whenever possible.\n- [ ] Enable Issues\n- [ ] Enable Preserve this Repository\n- [ ] Enable Discussions if repository is public\n- [ ] Enable Projects\n \n#### Pull Requests Section:\n- [ ] Enable Allow Squash Merging\n- [ ] Enable Always suggest updating pull request branches\n- [ ] Enable Automatically delete head branches\n \n#### Pushes Section:\n- [ ] Pushes: Limit how many branches and tags can be updated in a single push (Default # is 5)\n\n### Collaborators and Teams Tab\n- [ ] Teams are assigned to the repository\n- [ ] Individual contributors that are part of assigned teams are removed from contributors list\n\n### Branches Tab\n- [ ] Individual branch protections are turned off\n\n### Tags Tab\n- [ ] Individual tag protections are turned off\n\n### Rules/Rulesets Tab\n- [ ] The repository uses the current rulesets\n- [ ] If appropriate, global rules are enabled/disabled for the repo\n\n### Actions Tab\n**If actions are enabled**:\n- [ ] Codecov is enabled on the repository\n- [ ] Title check is enabled\n- [ ] DCO check is enabled\n\n### Webhooks Tab\n- [ ] All webhooks present are needed and in use\n- [ ] Snyk is enabled on the repo (check to see if the webhook exists and is in use)\n\n### Code Security Tab\n- [ ] Dependabot is enabled on the repository\n\n### Secrets and Variables Tab\n- [ ] GitHub secrets are employed to store sensitive data\n- [ ] Tokens are stored securely as GitHub Secrets\n\n### GitHub Apps\n- [ ] Code Coverage Reporting\n- [ ] CodeQL is enabled on the repository\n- [ ] Codacy is enabled on the repository\n\n## App Integrations\n- [ ] Dependabot is configured to monitor all relevant ecosystems (verify through `dependabot.yaml` file)\n - Link to [relevant ecosystems](https://docs.github.com/en/code-security/dependabot/ecosystems-supported-by-dependabot/supported-ecosystems-and-repositories)\n- [ ] DCO-2 is configured as the DCO check\n\n## Code Formatting\n- [ ] NodeJS Projects use ESLint/Prettier formatting\n- [ ] Java Projects use Checkstyle/Spotless formatting\n- [ ] CPP Projects use Clang Tidy\n- [ ] Rust\n- [ ] Swift\n- [ ] Go\n\n## CODEOWNERS\n- [ ] `.github/CODEOWNERS` is valid and up-to-date\n\n# Workflow Audit Criteria\n\n## Security Checks in Workflows\n- [ ] Secrets Management In Workflow Files (`/.github/workflows/`)\n - [ ] No hardcoded secrets in the workflow files or code\n - [ ] Secrets are referenced in CI via config files or environment variables\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [ ] Checksums/hashes are verified during CI process to detect unauthorized changes\n - [ ] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n - [ ] Use pinned versions of Docker files\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n\n## Workflow checks\n\n- [ ] Appropriate permissions are set within the GitHub workflows\n- [ ] All steps are named\n- [ ] All workflow actions are using pinned commits\n- [ ] The step-security hardened security action is enabled on each workflow job\n - [ ] If the step-security dashboard reports action with score of <6, request a step-security version of the action\n\n## Self Hosted Runners\n\n- [ ] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n## Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met\n- [ ] Inactive Repo (>1 year since last significant commit)\n- [ ] Empty Repo\n\n## Custom Properties - Marking Complete\n\nUpdate the `repo-properties.json` file in the `ORG/governance` repository\n\n- [ ] Custom properties: `initial-ci-review-by-team` is set\n- [ ] Custom properties: `initial-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n*Note: assumes `ORG/governance` is a valid repository in the Github Organization being audited*\n", - "number": 4053, - "repository": "swirlds/swirlds-platform-regression", - "title": "ci: [2025-Q2] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/swirlds/swirlds-platform-regression/issues/4053" - }, - "id": "PVTI_lADOAcO5i84AzKZOzgZwKJY", - "labels": [ - "Audit" - ], - "priority": "P3", - "repository": "https://github.com/swirlds/swirlds-platform-regression", - "status": "Ready", - "title": "ci: [2025-Q2] CI/CD Audit Story" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "# CI/CD Repository Audit\n\n**Description**:\nPerform repository audit.\n\n**If there has not been a significant commit in the last year, add a note indicating so.**\n**Skip to `Acceptance Criteria` section at the bottom to complete close this issue.**\n\n# Administrative Audit Criteria\n\n### Actions State\nIf actions have not been run in the previous 6 months they should be disabled:\n- [x] Actions are/have been disabled\n\nIf actions have run in the last 6 months then actions shall remain enabled:\n- [ ] Actions are enabled\n\n## Settings Window\n### General Tab\n- [x] Require contributors to sign off on web-based commits\n\n#### Features Section:\n- [x] Disable Wiki\n - If it is in use, leave Wiki enabled. If not in use, remove functionality (uncheck Wiki option). Should be disabled whenever possible.\n- [x] Enable Issues\n- [ ] Enable Preserve this Repository\n- [ ] Enable Discussions if repository is public\n- [x] Enable Projects\n \n#### Pull Requests Section:\n- [x] Enable Allow Squash Merging\n- [x] Enable Always suggest updating pull request branches\n- [x] Enable Automatically delete head branches\n \n#### Pushes Section:\n- [x] Pushes: Limit how many branches and tags can be updated in a single push (Default # is 5)\n\n### Collaborators and Teams Tab\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n\n### Branches Tab\n- [x] Individual branch protections are turned off\n\n### Tags Tab\n- [x] Individual tag protections are turned off\n\n### Rules/Rulesets Tab\n- [x] The repository uses the current rulesets\n- [x] If appropriate, global rules are enabled/disabled for the repo\n\n### Actions Tab\n**If actions are enabled**:\n- [ ] Codecov is enabled on the repository\n- [ ] Title check is enabled\n- [x] DCO check is enabled\n\n### Webhooks Tab\n- [ ] All webhooks present are needed and in use\n- [ ] Snyk is enabled on the repo (check to see if the webhook exists and is in use)\n\n### Code Security Tab\n- [x] Dependabot is enabled on the repository\n\n### Secrets and Variables Tab\n- [ ] GitHub secrets are employed to store sensitive data\n- [ ] Tokens are stored securely as GitHub Secrets\n\n### GitHub Apps\n- [ ] Code Coverage Reporting\n- [ ] CodeQL is enabled on the repository\n- [ ] Codacy is enabled on the repository\n\n## App Integrations\n- [ ] Dependabot is configured to monitor all relevant ecosystems (verify through `dependabot.yaml` file)\n - Link to [relevant ecosystems](https://docs.github.com/en/code-security/dependabot/ecosystems-supported-by-dependabot/supported-ecosystems-and-repositories)\n- [x] DCO-2 is configured as the DCO check\n\n## Code Formatting\n- [ ] NodeJS Projects use ESLint/Prettier formatting\n- [ ] Java Projects use Checkstyle/Spotless formatting\n- [ ] CPP Projects use Clang Tidy\n- [ ] Rust\n- [ ] Swift\n- [ ] Go\n\n## CODEOWNERS\n- [ ] `.github/CODEOWNERS` is valid and up-to-date\n\n# Workflow Audit Criteria\n\n## Security Checks in Workflows\n- [ ] Secrets Management In Workflow Files (`/.github/workflows/`)\n - [ ] No hardcoded secrets in the workflow files or code\n - [ ] Secrets are referenced in CI via config files or environment variables\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [ ] Checksums/hashes are verified during CI process to detect unauthorized changes\n - [ ] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n - [ ] Use pinned versions of Docker files\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n\n## Workflow checks\n\n- [ ] Appropriate permissions are set within the GitHub workflows\n- [ ] All steps are named\n- [ ] All workflow actions are using pinned commits\n- [ ] The step-security hardened security action is enabled on each workflow job\n - [ ] If the step-security dashboard reports action with score of <6, request a step-security version of the action\n\n## Self Hosted Runners\n\n- [ ] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n## Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met\n- [ ] Inactive Repo (>1 year since last significant commit)\n- [ ] Empty Repo\n\n## Custom Properties - Marking Complete\n\nUpdate the `repo-properties.json` file in the `ORG/governance` repository\n\n- [x] Custom properties: `initial-ci-review-by-team` is set\n- [x] Custom properties: `initial-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n*Note: assumes `ORG/governance` is a valid repository in the Github Organization being audited*\n", - "number": 1, - "repository": "swirlds/TestBackup_RecoveryRepo", - "title": "ci: [2025-Q2] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/swirlds/TestBackup_RecoveryRepo/issues/1" - }, - "id": "PVTI_lADOAcO5i84AzKZOzgZwKKM", - "labels": [ - "Audit" - ], - "priority": "P3", - "repository": "https://github.com/swirlds/TestBackup_RecoveryRepo", - "status": "Done", - "title": "ci: [2025-Q2] CI/CD Audit Story" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "# CI/CD Repository Audit\n\n**Description**:\nPerform repository audit.\n\n**If there has not been a significant commit in the last year, add a note indicating so.**\n**Skip to `Acceptance Criteria` section at the bottom to complete close this issue.**\n\n# Administrative Audit Criteria\n\n### Actions State\nIf actions have not been run in the previous 6 months they should be disabled:\n- [ ] Actions are/have been disabled\n\nIf actions have run in the last 6 months then actions shall remain enabled:\n- [x] Actions are enabled\n\n## Settings Window\n### General Tab\n- [x] Require contributors to sign off on web-based commits\n\n#### Features Section:\n- [x] Disable Wiki\n - If it is in use, leave Wiki enabled. If not in use, remove functionality (uncheck Wiki option). Should be disabled whenever possible.\n- [x] Enable Issues\n- [ ] Enable Preserve this Repository\n- [x] Enable Discussions if repository is public\n- [x] Enable Projects\n \n#### Pull Requests Section:\n- [x] Enable Allow Squash Merging\n- [x] Enable Always suggest updating pull request branches\n- [x] Enable Automatically delete head branches\n \n#### Pushes Section:\n- [x] Pushes: Limit how many branches and tags can be updated in a single push (Default # is 5)\n\n### Collaborators and Teams Tab\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n\n### Branches Tab\n- [x] Individual branch protections are turned off\n\n### Tags Tab\n- [x] Individual tag protections are turned off\n\n### Rules/Rulesets Tab\n- [x] The repository uses the current rulesets\n- [x] If appropriate, global rules are enabled/disabled for the repo\n\n### Actions Tab\n**If actions are enabled**:\n- [ ] Codecov is enabled on the repository\n- [x] Title check is enabled\n- [x] DCO check is enabled\n\n### Webhooks Tab\n- [ ] All webhooks present are needed and in use\n- [ ] Snyk is enabled on the repo (check to see if the webhook exists and is in use)\n\n### Code Security Tab\n- [x] Dependabot is enabled on the repository\n\n### Secrets and Variables Tab\n- [x] GitHub secrets are employed to store sensitive data\n- [x] Tokens are stored securely as GitHub Secrets\n\n### GitHub Apps\n- [ ] Code Coverage Reporting\n- [ ] CodeQL is enabled on the repository\n- [ ] Codacy is enabled on the repository\n\n## App Integrations\n- [x] Dependabot is configured to monitor all relevant ecosystems (verify through `dependabot.yaml` file)\n - Link to [relevant ecosystems](https://docs.github.com/en/code-security/dependabot/ecosystems-supported-by-dependabot/supported-ecosystems-and-repositories)\n- [x] DCO-2 is configured as the DCO check\n\n## Code Formatting\n- [ ] NodeJS Projects use ESLint/Prettier formatting\n- [ ] Java Projects use Checkstyle/Spotless formatting\n- [ ] CPP Projects use Clang Tidy\n- [ ] Rust\n- [ ] Swift\n- [ ] Go\n\n## CODEOWNERS\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n# Workflow Audit Criteria\n\n## Security Checks in Workflows\n- [x] Secrets Management In Workflow Files (`/.github/workflows/`)\n - [x] No hardcoded secrets in the workflow files or code\n - [x] Secrets are referenced in CI via config files or environment variables\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [ ] Checksums/hashes are verified during CI process to detect unauthorized changes\n - [ ] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n - [ ] Use pinned versions of Docker files\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n\n## Workflow checks\n\n- [x] Appropriate permissions are set within the GitHub workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The step-security hardened security action is enabled on each workflow job\n - [ ] If the step-security dashboard reports action with score of <6, request a step-security version of the action\n\n## Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n## Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met\n- [ ] Inactive Repo (>1 year since last significant commit)\n- [ ] Empty Repo\n\n## Custom Properties - Marking Complete\n\nUpdate the `repo-properties.json` file in the `ORG/governance` repository\n\n- [x] Custom properties: `initial-ci-review-by-team` is set\n- [x] Custom properties: `initial-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n*Note: assumes `ORG/governance` is a valid repository in the Github Organization being audited*\n", - "number": 5, - "repository": "swirlds/governance", - "title": "ci: [2025-Q2] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/swirlds/governance/issues/5" - }, - "id": "PVTI_lADOAcO5i84AzKZOzgZwKKg", - "labels": [ - "Audit" - ], - "priority": "P3", - "repository": "https://github.com/swirlds/governance", - "status": "Done", - "title": "ci: [2025-Q2] CI/CD Audit Story" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "Add the conventional commits title check workflow and add to required checks.", - "number": 1019, - "repository": "swirlds/swirlds-docker", - "title": "Add the conventional commits title check workflow", - "type": "Issue", - "url": "https://github.com/swirlds/swirlds-docker/issues/1019" - }, - "id": "PVTI_lADOAcO5i84AzKZOzgZ2dBg", - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/swirlds/swirlds-docker/pull/1020" - ], - "repository": "https://github.com/swirlds/swirlds-docker", - "status": "Done", - "title": "Add the conventional commits title check workflow" - }, - { - "assignees": [ - "PavelSBorisov", - "rbarker-dev" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [x] Snyk is enabled on the repository\n- [ ] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [x] ESLint rules are applied to the codebase\n - [x] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", - "number": 522, - "repository": "hashgraph/hedera-metamask-snaps", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hashgraph/hedera-metamask-snaps/issues/522" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnWI", - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/hashgraph/hedera-metamask-snaps/pull/776" - ], - "priority": "P4", - "repository": "https://github.com/hashgraph/hedera-metamask-snaps", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg", - "mishomihov00" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [x] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", - "number": 1909, - "repository": "hiero-ledger/hiero-sdk-java", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-sdk-java/issues/1909" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnRg", - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/hiero-sdk-java/pull/2055" - ], - "priority": "P4", - "repository": "https://github.com/hiero-ledger/hiero-sdk-java", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg", - "mishomihov00" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [x] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [x] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [x] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [x] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", - "number": 2410, - "repository": "hiero-ledger/hiero-sdk-js", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-sdk-js/issues/2410" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnTw", - "labels": [ - "Audit" - ], - "priority": "P4", - "repository": "https://github.com/hiero-ledger/hiero-sdk-js", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "PavelSBorisov" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [ ] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [ ] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [ ] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [x] Snyk is enabled on the repository\n- [ ] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [x] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [ ] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [x] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", - "number": 2732, - "repository": "hiero-ledger/hiero-json-rpc-relay", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-json-rpc-relay/issues/2732" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnYs", - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/hiero-json-rpc-relay/pull/3194" - ], - "priority": "P4", - "repository": "https://github.com/hiero-ledger/hiero-json-rpc-relay", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [x] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", - "number": 811, - "repository": "hiero-ledger/hiero-sdk-rust", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-sdk-rust/issues/811" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnQE", - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/hiero-sdk-rust/pull/924" - ], - "priority": "P4", - "repository": "https://github.com/hiero-ledger/hiero-sdk-rust", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [x] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [x] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", - "number": 155, - "repository": "hashgraph/solo-operator", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hashgraph/solo-operator/issues/155" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnZI", - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/hashgraph/solo-operator/pull/327", - "https://github.com/hashgraph/solo-operator/pull/336" - ], - "priority": "P4", - "repository": "https://github.com/hashgraph/solo-operator", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg", - "mishomihov00" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [ ] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [x] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [ ] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", - "number": 267, - "repository": "hashgraph/pbj", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hashgraph/pbj/issues/267" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnOo", - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/hashgraph/pbj/pull/312" - ], - "priority": "P4", - "repository": "https://github.com/hashgraph/pbj", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg", - "mishomihov00" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [x] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [x] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [x] ESLint rules are applied to the codebase\n - [x] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", - "number": 440, - "repository": "hiero-ledger/solo", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hiero-ledger/solo/issues/440" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnXM", - "labels": [ - "Audit", - "Security" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/solo/pull/778" - ], - "priority": "P4", - "repository": "https://github.com/hiero-ledger/solo", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [ ] Actions are enabled\n- [x] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [ ] Actions have run in the last 6 months and shall remain enabled\n- [x] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [ ] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [ ] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [ ] Secrets Management\n - [ ] No hardcoded secrets in the workflow files or code\n - [ ] GitHub secrets are employed to store sensitive data\n - [ ] Secrets are referenced in CI via config files or environment variables\n- [ ] Tokens are stored securely as GitHub Secrets\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [ ] Checksums/hashes are verified during CI process to detect unathorized changes\n - [ ] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [ ] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [ ] dependabot.yml is up to date\n\n### Workflow checks\n\n- [ ] Appropriate permissions are set within the github workflows\n- [ ] All steps are named\n- [ ] All workflow actions are using pinned commits\n- [ ] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [ ] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [x] All Audit Criteria have been met", - "number": 33, - "repository": "hashgraph/terraform-hedera-node-modules", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hashgraph/terraform-hedera-node-modules/issues/33" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnGg", - "labels": [ - "Audit" - ], - "priority": "P4", - "repository": "https://github.com/hashgraph/terraform-hedera-node-modules", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg", - "mishomihov00" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [x] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [x] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", - "number": 14333, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/14333" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnYc", - "labels": [ - "Audit" - ], - "priority": "P4", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg", - "mishomihov00" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [ ] Actions are enabled\n- [x] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [ ] Actions have run in the last 6 months and shall remain enabled\n- [x] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [ ] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [ ] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [ ] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [ ] Executable Path Integrity\n - [ ] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [ ] Checksums/hashes are verified during CI process to detect unathorized changes\n - [ ] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [ ] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [ ] dependabot.yml is up to date\n\n### Workflow checks\n\n- [ ] Appropriate permissions are set within the github workflows\n- [ ] All steps are named\n- [ ] All workflow actions are using pinned commits\n- [ ] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [ ] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [ ] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", - "number": 544, - "repository": "hashgraph/hedera-transaction-tool-demo", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hashgraph/hedera-transaction-tool-demo/issues/544" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnWs", - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/hashgraph/hedera-transaction-tool-demo/pull/562" - ], - "priority": "P4", - "repository": "https://github.com/hashgraph/hedera-transaction-tool-demo", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg", - "mishomihov00" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [ ] Actions are enabled\n- [x] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [ ] Actions have run in the last 6 months and shall remain enabled\n- [x] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [ ] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [ ] Dependabot is enabled on the repository\n- [ ] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [ ] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [ ] GitHub secrets are employed to store sensitive data\n - [ ] Secrets are referenced in CI via config files or environment variables\n- [ ] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [ ] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [ ] Code Formatting\n - [ ] ESLint rules are applied to the codebase\n - [ ] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [x] Custom properties: `last-ci-review-by-team` is set\n- [x] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [ ] dependabot.yml is up to date\n\n### Workflow checks\n\n- [ ] Appropriate permissions are set within the github workflows\n- [ ] All steps are named\n- [ ] All workflow actions are using pinned commits\n- [ ] The Step-Security Hardened Security action is enabled on each workflow job\n- [ ] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [ ] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [ ] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", - "number": 9, - "repository": "hashgraph/hedera-state-proof-verifier-go", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hashgraph/hedera-state-proof-verifier-go/issues/9" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnYE", - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/hashgraph/hedera-state-proof-verifier-go/pull/10" - ], - "priority": "P4", - "repository": "https://github.com/hashgraph/hedera-state-proof-verifier-go", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "andrewb1269hg", - "mishomihov00" - ], - "content": { - "body": "## Contents\n\n- [CI/CD Repository Audit](#cicd-repository-audit)\n - [Contents](#contents)\n - [Administrative Audit Criteria](#administrative-audit-criteria)\n - [Check Actions State](#check-actions-state)\n - [Check if Actions should be disabled](#check-if-actions-should-be-disabled)\n - [Repository Settings Checks](#repository-settings-checks)\n - [App Integrations](#app-integrations)\n - [Security Checks](#security-checks)\n - [Custom Properties](#custom-properties)\n - [Non-Administrative Audit Criteria](#non-administrative-audit-criteria)\n - [Dependabot](#dependabot)\n - [Workflow checks](#workflow-checks)\n - [Self Hosted Runners](#self-hosted-runners)\n - [CODEOWNERS](#codeowners)\n - [Other](#other)\n - [Repository Settings](#repository-settings)\n - [Acceptance Criteria](#acceptance-criteria)\n\n## Administrative Audit Criteria\n\n### Check Actions State\n\n- [x] Actions are enabled\n- [ ] Actions are disabled\n\n### Check if Actions should be disabled\n\n**If actions have not been run in the previous 6 months they should be disabled**:\n\n- [x] Actions have run in the last 6 months and shall remain enabled\n- [ ] Actions have been disabled on the inactive repository\n\n### Repository Settings Checks\n\n- [x] [Repository settings](#repository-settings) are configured per organization standard\n- [x] Individual branch protections are turned off\n- [x] Individual tag protections are turned off\n- [x] The repository uses the current rulesets\n- [x] Teams are assigned to the repository\n- [x] Individual contributors that are part of assigned teams are removed from contributors list\n- [x] All webhooks present are needed and in use\n\n### App Integrations\n\n**If actions are enabled**:\n\n- [x] Dependabot is enabled on the repository\n- [x] Codecov is enabled on the repository\n\n### Security Checks\n\n- [ ] Snyk is enabled on the repository\n- [x] Dependabot is configured to monitor all relevant ecosystems\n - npm\n - electron\n - github actions\n - etc.\n- [x] Secrets Management\n - [x] No hardcoded secrets in the workflow files or code\n - [x] GitHub secrets are employed to store sensitive data\n - [x] Secrets are referenced in CI via config files or environment variables\n- [x] Tokens are stored securely as GitHub Secrets\n- [x] Executable Path Integrity\n - [x] Integrity checks for executables are implemented\n - integrity checks should use either checksums or cryptographic hashes for verification\n - [x] Checksums/hashes are verified during CI process to detect unathorized changes\n - [x] Expected checksums/hashes are stored securely and referenced through the CI pipeline\n- [x] Code Coverage Reporting - Configure codecov on the repository\n- [ ] CodeQL is enabled on the repository\n- [ ] `npx playwright install deps` is used to install OS dependencies instead of `aptitude`\n- [x] Code Formatting\n - [x] ESLint rules are applied to the codebase\n - [x] Prettier Formatting rules are applied to the codebase\n\n### Custom Properties\n\n- [ ] Custom properties: `last-ci-review-by-team` is set\n- [ ] Custom properties: `last-ci-review-date` is set (Use format: `YYYY-MM-DD`)\n\n## Non-Administrative Audit Criteria\n\n### Dependabot\n\n- [x] dependabot.yml is up to date\n\n### Workflow checks\n\n- [x] Appropriate permissions are set within the github workflows\n- [x] All steps are named\n- [x] All workflow actions are using pinned commits\n- [x] The Step-Security Hardened Security action is enabled on each workflow job\n- [x] Ensure no hard-coded keys in workflows\n - [ ] Alert devops-ci administrative team if new github secrets are needed to resolve hard-coded keys\n\n### Self Hosted Runners\n\n- [x] The Repository is using the latitude runner group label for the `runs-on` stanza\n\n### CODEOWNERS\n\n- [x] `.github/CODEOWNERS` is valid and up-to-date\n\n### Other\n\n- [ ] *If Applicable*: Alert repository owners of software versions that are no longer supported\n- [ ] *If Applicable*: Alert repository owners when software versions are within 3 months of losing support\n\n---\n\n## Repository Settings\n\n- [x] Require contributors to sign off on web-based commits\n- [x] Features: Issues\n- [x] Features: Preserve this Repository\n- [x] Features: Discussions\n- [x] Features: Projects\n- [x] Pull Requests: Allow Squash Merging\n- [x] Pull Requests: Always suggest updating pull request branches\n- [x] Pull Requests: Automatically delete head branches\n- [x] Pushes: Limit how many branches and tags can be updated in a single push\n\n---\n\n## Acceptance Criteria\n\n- [ ] All Audit Criteria have been met", - "number": 704, - "repository": "hiero-ledger/hiero-local-node", - "title": "ci: [2024-Q3] CI/CD Audit Story", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-local-node/issues/704" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgREnPo", - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/hiero-ledger/hiero-local-node/pull/811" - ], - "priority": "P4", - "repository": "https://github.com/hiero-ledger/hiero-local-node", - "status": "Done", - "title": "ci: [2024-Q3] CI/CD Audit Story" - }, - { - "assignees": [ - "jjohannes" - ], - "content": { - "body": "**Description**:\r\n\r\n**Related issue(s)**:\r\n\r\n**Notes for reviewer**:\r\n\r\n\r\n**Checklist**\r\n\r\n- [ ] Documented (Code comments, README, etc.)\r\n- [ ] Tested (unit, integration, etc.)\r\n", - "number": 14026, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "feat: move Google protobuf generated code to test fixtures scope", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/14026" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgXNnsw", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Done", - "title": "feat: move Google protobuf generated code to test fixtures scope" - }, - { - "assignees": [ - "PavelSBorisov", - "andrewb1269hg" - ], - "content": { - "body": "We will need to implement semantic release within the hedera-cryptography repo to facilitate versioning.", - "number": 193, - "repository": "hashgraph/hedera-cryptography", - "title": "Implement semantic release", - "type": "Issue", - "url": "https://github.com/hashgraph/hedera-cryptography/issues/193" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgWK99c", - "iteration": { - "duration": 14, - "iterationId": "7d9d129f", - "startDate": "2025-02-11", - "title": "Iteration 10" - }, - "labels": [ - "Feature Enhancement", - "Release", - "github_actions", - "released", - "released on @193-implement-semantic-release" - ], - "linked pull requests": [ - "https://github.com/hashgraph/hedera-cryptography/pull/206", - "https://github.com/hashgraph/hedera-cryptography/pull/303" - ], - "priority": "P0", - "repository": "https://github.com/hashgraph/hedera-cryptography", - "status": "Done", - "target Need Date": "2025-02-10", - "title": "Implement semantic release" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "Add scope to package.json", - "number": 384, - "repository": "hashgraph/hedera-accelerator-defi-dex-ui", - "title": "chore: update package.json with scoped package name", - "type": "Issue", - "url": "https://github.com/hashgraph/hedera-accelerator-defi-dex-ui/issues/384" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgWPleI", - "iteration": { - "duration": 14, - "iterationId": "7d9d129f", - "startDate": "2025-02-11", - "title": "Iteration 10" - }, - "labels": [ - "Audit" - ], - "linked pull requests": [ - "https://github.com/hashgraph/hedera-accelerator-defi-dex-ui/pull/385" - ], - "repository": "https://github.com/hashgraph/hedera-accelerator-defi-dex-ui", - "status": "Done", - "title": "chore: update package.json with scoped package name" - }, - { - "assignees": [ - "jjohannes", - "tinker-michaelj" - ], - "content": { - "body": "Bumps `junit5` from 5.10.2 to 5.11.4.\nUpdates `org.junit.jupiter:junit-jupiter-api` from 5.10.2 to 5.11.4\n
\nRelease notes\n

Sourced from org.junit.jupiter:junit-jupiter-api's releases.

\n
\n

JUnit 5.11.4 = Platform 1.11.4 + Jupiter 5.11.4 + Vintage 5.11.4

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.3...r5.11.4

\n

JUnit 5.11.3 = Platform 1.11.3 + Jupiter 5.11.3 + Vintage 5.11.3

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.2...r5.11.3

\n

JUnit 5.11.2 = Platform 1.11.2 + Jupiter 5.11.2 + Vintage 5.11.2

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.1...r5.11.2

\n

JUnit 5.11.1 = Platform 1.11.1 + Jupiter 5.11.1 + Vintage 5.11.1

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.0...r5.11.1

\n

JUnit 5.11.0 = Platform 1.11.0 + Jupiter 5.11.0 + Vintage 5.11.0

\n

See Release Notes.

\n

New Contributors

\n\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.10.3...r5.11.0

\n

JUnit 5.11.0-RC1 = Platform 1.11.0-RC1 + Jupiter 5.11.0-RC1 + Vintage 5.11.0-RC1

\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • 6430ba4 Release 5.11.4
    • \n
  • d093121 Finalize 5.11.4 release notes
    • \n
  • 0444353 Fix Maven integration tests on JDK 24
    • \n
  • b5c7f4e Move #4153 to 5.11.4 release notes
    • \n
  • b20c4e2 Ensure the XMLStreamWriter is closed after use
    • \n
  • 6376f0a Configure Git username and email
    • \n
  • 2b485c4 Set reference repo URI
    • \n
  • 500b5a0 Inject username and password via new DSL
    • \n
  • d671961 Update plugin gitPublish to v5
    • \n
  • 3d11279 Add JAVA_25 to JRE enum
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\nUpdates `org.junit.jupiter:junit-jupiter-engine` from 5.10.2 to 5.11.4\n
\nRelease notes\n

Sourced from org.junit.jupiter:junit-jupiter-engine's releases.

\n
\n

JUnit 5.11.4 = Platform 1.11.4 + Jupiter 5.11.4 + Vintage 5.11.4

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.3...r5.11.4

\n

JUnit 5.11.3 = Platform 1.11.3 + Jupiter 5.11.3 + Vintage 5.11.3

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.2...r5.11.3

\n

JUnit 5.11.2 = Platform 1.11.2 + Jupiter 5.11.2 + Vintage 5.11.2

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.1...r5.11.2

\n

JUnit 5.11.1 = Platform 1.11.1 + Jupiter 5.11.1 + Vintage 5.11.1

\n

See Release Notes.

\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.11.0...r5.11.1

\n

JUnit 5.11.0 = Platform 1.11.0 + Jupiter 5.11.0 + Vintage 5.11.0

\n

See Release Notes.

\n

New Contributors

\n\n

Full Changelog: https://github.com/junit-team/junit5/compare/r5.10.3...r5.11.0

\n

JUnit 5.11.0-RC1 = Platform 1.11.0-RC1 + Jupiter 5.11.0-RC1 + Vintage 5.11.0-RC1

\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • 6430ba4 Release 5.11.4
    • \n
  • d093121 Finalize 5.11.4 release notes
    • \n
  • 0444353 Fix Maven integration tests on JDK 24
    • \n
  • b5c7f4e Move #4153 to 5.11.4 release notes
    • \n
  • b20c4e2 Ensure the XMLStreamWriter is closed after use
    • \n
  • 6376f0a Configure Git username and email
    • \n
  • 2b485c4 Set reference repo URI
    • \n
  • 500b5a0 Inject username and password via new DSL
    • \n
  • d671961 Update plugin gitPublish to v5
    • \n
  • 3d11279 Add JAVA_25 to JRE enum
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n
\n\n> **Note**\n> Automatic rebases have been disabled on this pull request as it has been open for over 30 days.", - "number": 17125, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "build(deps): bump junit5 from 5.10.2 to 5.12.0 in /hiero-dependency-versions", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17125" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgW5n2A", - "iteration": { - "duration": 14, - "iterationId": "7d9d129f", - "startDate": "2025-02-11", - "title": "Iteration 10" - }, - "labels": [ - "dependencies", - "Java" - ], - "milestone": { - "description": "", - "dueOn": "", - "title": "v0.61" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "reviewers": [ - "platform-ci", - "platform-ci-committers", - "rbarker-dev", - "hedera-services", - "hedera-smart-contracts-core", - "thomas-swirlds-labs", - "tinker-michaelj", - "github-maintainers", - "jjohannes" - ], - "status": "Blocked", - "title": "build(deps): bump junit5 from 5.10.2 to 5.12.0 in /hiero-dependency-versions" - }, - { - "assignees": [ - "jjohannes" - ], - "content": { - "body": "- Adjust all production code that still uses the `com.hederahashgraph.api.proto.java.*` classes to use the classes generated by PBJ. Remove all `requires com.google.protobuf;` from all modules.\n- Remove google-protobuf codegen from `hapi/hapi`. The project only generates code with PBJ after the change (by removing [this Gradle configuration](https://github.com/hiero-ledger/hiero-consensus-node/blob/bb014388a72daf292c708f2ffe5052b06f22d90d/hapi/hapi/build.gradle.kts#L24-L29)).\n- `hapi/hapi` **testFixtures** and **test** use `hapi/hedera-protobuf-java-api` for the tests that validate the PBJ and google-protobuf are compatible. ", - "number": 18102, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "Use PBJ-generated protobufs instead of google-protobuf-generated protobufs in all production code", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/18102" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgXzWXU", - "iteration": { - "duration": 14, - "iterationId": "803ae4c2", - "startDate": "2025-02-25", - "title": "Iteration 11" - }, - "linked pull requests": [ - "https://github.com/hiero-ledger/hiero-consensus-node/pull/18174" - ], - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Blocked", - "title": "Use PBJ-generated protobufs instead of google-protobuf-generated protobufs in all production code" - }, - { - "content": { - "body": "After https://github.com/hiero-ledger/hiero-consensus-node/pull/17737 is integrated, this repository should be archived.\n\nAll open issues and PRs can be closed.", - "number": 173, - "repository": "hashgraph/hedera-protobufs-java", - "title": "Archive Repository", - "type": "Issue", - "url": "https://github.com/hashgraph/hedera-protobufs-java/issues/173" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgXoJ3E", - "repository": "https://github.com/hashgraph/hedera-protobufs-java", - "status": "Ready", - "title": "Archive Repository" - }, - { - "assignees": [ - "jjohannes" - ], - "content": { - "body": "**Description**:\r\n\r\nSee: https://github.com/hiero-ledger/hiero-gradle-conventions/releases/tag/v0.3.3\r\n\r\n**Related issue(s)**:\r\n\r\nFixes required for:\r\n- https://github.com/hashgraph/hedera-services/pull/17670\r\n- https://github.com/hashgraph/hedera-services/pull/17210\r\n", - "number": 17674, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "build: bump hiero-gradle-conventions to 0.3.3 / Gradle to 8.12.1", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17674" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgW8r28", - "iteration": { - "duration": 14, - "iterationId": "88baf400", - "startDate": "2025-01-28", - "title": "Iteration 9" - }, - "milestone": { - "description": "", - "dueOn": "2025-01-24T00:00:00Z", - "title": "v0.59" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "reviewers": [ - "platform-ci", - "platform-ci-committers", - "andrewb1269hg", - "mishomihov00" - ], - "status": "Done", - "title": "build: bump hiero-gradle-conventions to 0.3.3 / Gradle to 8.12.1" - }, - { - "assignees": [ - "jjohannes" - ], - "content": { - "body": "**Description**:\r\n\r\nWhile we recently updated the runtime to the latest version, the compiler \u2013 protoc \u2013 stayed on a lower version. The versions should be aligned to the latest release. Which is what this PR is doing.\r\n\r\nNote that these version changes are not critical as long as the tests work. Google protobuf is not used in production. It is here to test that the PBJ generated code is compatible with Google protobuf.\r\n\r\nHistorically, some utility code lives in the production code and that is why Google protobuf is currently on the production classpath, although it is not used in production.\r\n\r\nOnce this update is done, I would like to get back to #14026, which is the attempt to move it out of production. We should re-evaluate how how much work it is now to finally do it.\r\n\r\n`GeneratedMessageV3` needs to be replaced with `GeneratedMessage`\r\nSee: https://protobuf.dev/news/v26/#breaking-compatibility-with-old-generated-code\r\n", - "number": 17662, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "build: consistently use protobuf '4.29.3'", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17662" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgW5iJw", - "iteration": { - "duration": 14, - "iterationId": "88baf400", - "startDate": "2025-01-28", - "title": "Iteration 9" - }, - "milestone": { - "description": "", - "dueOn": "2025-02-21T00:00:00Z", - "title": "v0.60" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "reviewers": [ - "platform-ci", - "platform-ci-committers", - "hedera-services", - "hedera-smart-contracts-core", - "andrewb1269hg", - "kimbor" - ], - "status": "Done", - "title": "build: consistently use protobuf '4.29.3'" - }, - { - "assignees": [ - "jjohannes" - ], - "content": { - "body": "Bumps `mockito` from 5.8.0 to 5.15.2.\nUpdates `org.mockito:mockito-core` from 5.8.0 to 5.15.2\n
\nRelease notes\n

Sourced from org.mockito:mockito-core's releases.

\n
\n

v5.15.2

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.2

\n\n

v5.15.1

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.1

\n\n

v5.15.0

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.0

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • e04dbbe Fix javadoc publication (#3561)
    • \n
  • 567c5b9 Bump org.assertj:assertj-core from 3.27.0 to 3.27.1 (#3560)
    • \n
  • 2c184c9 Introduce release convention plugin for Shipkit integration (#3533)
    • \n
  • 68c4285 Bump org.assertj:assertj-core from 3.26.3 to 3.27.0 (#3557)
    • \n
  • cd4704a Avoid warning when dynamic attach is enabled with JVM flag (#3551)
    • \n
  • 3731b6b Bump org.junit.platform:junit-platform-launcher from 1.11.3 to 1.11.4 (#3555)
    • \n
  • 29c9476 Bump junit-jupiter from 5.11.3 to 5.11.4 (#3554)
    • \n
  • dc0dc88 Bump bytebuddy from 1.15.10 to 1.15.11 (#3553)
    • \n
  • 2e7992b Bump com.google.googlejavaformat:google-java-format (#3545)
    • \n
  • 51ed33f Bump com.gradle.develocity from 3.18.2 to 3.19 (#3544)
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\nUpdates `org.mockito:mockito-junit-jupiter` from 5.8.0 to 5.15.2\n
\nRelease notes\n

Sourced from org.mockito:mockito-junit-jupiter's releases.

\n
\n

v5.15.2

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.2

\n\n

v5.15.1

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.1

\n\n

v5.15.0

\n

Changelog generated by Shipkit Changelog Gradle Plugin

\n

5.15.0

\n\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • e04dbbe Fix javadoc publication (#3561)
    • \n
  • 567c5b9 Bump org.assertj:assertj-core from 3.27.0 to 3.27.1 (#3560)
    • \n
  • 2c184c9 Introduce release convention plugin for Shipkit integration (#3533)
    • \n
  • 68c4285 Bump org.assertj:assertj-core from 3.26.3 to 3.27.0 (#3557)
    • \n
  • cd4704a Avoid warning when dynamic attach is enabled with JVM flag (#3551)
    • \n
  • 3731b6b Bump org.junit.platform:junit-platform-launcher from 1.11.3 to 1.11.4 (#3555)
    • \n
  • 29c9476 Bump junit-jupiter from 5.11.3 to 5.11.4 (#3554)
    • \n
  • dc0dc88 Bump bytebuddy from 1.15.10 to 1.15.11 (#3553)
    • \n
  • 2e7992b Bump com.google.googlejavaformat:google-java-format (#3545)
    • \n
  • 51ed33f Bump com.gradle.develocity from 3.18.2 to 3.19 (#3544)
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n
", - "number": 17242, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "build(deps): bump mockito from 5.8.0 to 5.15.2 in /hiero-dependency-versions", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17242" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgWy9Jo", - "iteration": { - "duration": 14, - "iterationId": "88baf400", - "startDate": "2025-01-28", - "title": "Iteration 9" - }, - "labels": [ - "dependencies", - "Java" - ], - "milestone": { - "description": "", - "dueOn": "2025-01-24T00:00:00Z", - "title": "v0.59" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "reviewers": [ - "platform-ci", - "platform-ci-committers", - "rbarker-dev", - "mishomihov00" - ], - "status": "Done", - "title": "build(deps): bump mockito from 5.8.0 to 5.15.2 in /hiero-dependency-versions" - }, - { - "assignees": [ - "jjohannes" - ], - "content": { - "body": "Bumps `dagger` from 2.42 to 2.55.\nUpdates `com.google.dagger:dagger` from 2.42 to 2.55\n
\nRelease notes\n

Sourced from com.google.dagger:dagger's releases.

\n
\n

Dagger 2.55

\n

Notable/breaking changes

\n
    \n
  • Added support for injecting jakarta.inject.Provider. This should be usable anywhere javax.inject.Provider is usable. Note that this technically comes with a breaking change to disallow providing jakarta.inject.Provider types in the same way it is disallowed for javax.inject.Provider. (caa7e178b)
    • \n
  • Fixed a number of binding graph related issues.\nThese fixes can be enabled with, -Adagger.useBindingGraphFix=ENABLED, but due to this sometimes being a breaking change we\u2019ve set the default behavior to \u201cdisabled\u201d for now. We will flip the default to \u201cenabled\u201d in a future release, and eventually remove the flag altogether. Enabling this feature can fix a number of confusing error messages. See https://dagger.dev/dev-guide/compiler-options#useBindingGraphFix for more details.
    • \n
\n

Bug fixes

\n
    \n
  • Fixed #4549: Fixed incremental processing for LazyClassKey proguard files by adding the\noriginating element to the writeResource call. (98a027541)
    • \n
\n

Dagger 2.54

\n

Bug fixes

\n
    \n
  • Fixed #4303: Upgrade Hilt Gradle Plugin to support KSP2 configuration. (76b581999)
    • \n
  • Fixed #4544: Removes private from InstanceHolder field to avoid unnecessary accessor method. (07d8f883f)
    • \n
  • Fixed #4533: Fixes path separator for Windows when creating LazyClassKey proguard file. (efa421a3f)
    • \n
\n

Notable changes

\n
    \n
  • In preparation for jakarta support, Dagger\u2019s generated factories now include a create() method that uses dagger.internal.Provider rather than javax.inject.Provider. For now, the javax.inject.Provider create() method is also kept for compatibility, but it will be removed in a future release. When that happens, libraries built with the newer version of Dagger may break downstream users of @Component that are built with an older version of Dagger. (d60729d20)
    • \n
\n

Dagger 2.53.1

\n

Bug fixes

\n
    \n
  • Fixes #4525: Update kotlin-jvm-metadata to 2.0.21 to remove dependency on Beta version. (84d3aa5f1)
    • \n
  • Fixes #4526: Add the originating element in LazyMapKeyProxyGenerator. (5fd8ec1a3)
    • \n
\n

Dagger 2.53

\n

Potentially breaking changes:

\n

@Binds methods now requires explicit nullability

\n

New: @Binds methods must explicitly declare nullability (previously we tried to infer it from\nthe parameter). This change aligns the nullability behavior of @Binds with how nullability is\ntreated elsewhere in Dagger by requiring it to be explict at the request and declaration sites.\n(4941926c5)

\n

Suggested fix: If you get a failure due to this change, add the proper nullability to your @Binds method/parameter. For example:

\n
@Module\ninterface MyModule {\n-    @Binds fun bindToNullableImpl(impl: FooImpl): Foo\n+    @Binds fun bindToNullableImpl(impl: FooImpl?): Foo?\n}\n
\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • 14ad560 2.55 release
    • \n
  • 7ca9977 Add binary compatibility validator to the Gradle projects
    • \n
  • 4cd83cb Add documentation for dagger.useBindingGraphFix compiler option.
    • \n
  • 8b4f9b6 Add maven publish plugin to Gradle projects.
    • \n
  • 9daa0ae Wire resource configuration while keeping the Bazel project structure.
    • \n
  • 3418609 Move JDK toolchain, Kotlin language and JVM target configuration to conventio...
    • \n
  • 0927b9a Add flag to control LegacyBindingGraphFactory usage.
    • \n
  • 1620e92 Add Github CI step and action for building with Gradle
    • \n
  • c43783a Initial setup of Gradle as a build system for Dagger
    • \n
  • 98a0275 Fix LazyClassKey proguard file issues.
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\nUpdates `com.google.dagger:dagger-compiler` from 2.42 to 2.55\n
\nRelease notes\n

Sourced from com.google.dagger:dagger-compiler's releases.

\n
\n

Dagger 2.55

\n

Notable/breaking changes

\n
    \n
  • Added support for injecting jakarta.inject.Provider. This should be usable anywhere javax.inject.Provider is usable. Note that this technically comes with a breaking change to disallow providing jakarta.inject.Provider types in the same way it is disallowed for javax.inject.Provider. (caa7e178b)
    • \n
  • Fixed a number of binding graph related issues.\nThese fixes can be enabled with, -Adagger.useBindingGraphFix=ENABLED, but due to this sometimes being a breaking change we\u2019ve set the default behavior to \u201cdisabled\u201d for now. We will flip the default to \u201cenabled\u201d in a future release, and eventually remove the flag altogether. Enabling this feature can fix a number of confusing error messages. See https://dagger.dev/dev-guide/compiler-options#useBindingGraphFix for more details.
    • \n
\n

Bug fixes

\n
    \n
  • Fixed #4549: Fixed incremental processing for LazyClassKey proguard files by adding the\noriginating element to the writeResource call. (98a027541)
    • \n
\n

Dagger 2.54

\n

Bug fixes

\n
    \n
  • Fixed #4303: Upgrade Hilt Gradle Plugin to support KSP2 configuration. (76b581999)
    • \n
  • Fixed #4544: Removes private from InstanceHolder field to avoid unnecessary accessor method. (07d8f883f)
    • \n
  • Fixed #4533: Fixes path separator for Windows when creating LazyClassKey proguard file. (efa421a3f)
    • \n
\n

Notable changes

\n
    \n
  • In preparation for jakarta support, Dagger\u2019s generated factories now include a create() method that uses dagger.internal.Provider rather than javax.inject.Provider. For now, the javax.inject.Provider create() method is also kept for compatibility, but it will be removed in a future release. When that happens, libraries built with the newer version of Dagger may break downstream users of @Component that are built with an older version of Dagger. (d60729d20)
    • \n
\n

Dagger 2.53.1

\n

Bug fixes

\n
    \n
  • Fixes #4525: Update kotlin-jvm-metadata to 2.0.21 to remove dependency on Beta version. (84d3aa5f1)
    • \n
  • Fixes #4526: Add the originating element in LazyMapKeyProxyGenerator. (5fd8ec1a3)
    • \n
\n

Dagger 2.53

\n

Potentially breaking changes:

\n

@Binds methods now requires explicit nullability

\n

New: @Binds methods must explicitly declare nullability (previously we tried to infer it from\nthe parameter). This change aligns the nullability behavior of @Binds with how nullability is\ntreated elsewhere in Dagger by requiring it to be explict at the request and declaration sites.\n(4941926c5)

\n

Suggested fix: If you get a failure due to this change, add the proper nullability to your @Binds method/parameter. For example:

\n
@Module\ninterface MyModule {\n-    @Binds fun bindToNullableImpl(impl: FooImpl): Foo\n+    @Binds fun bindToNullableImpl(impl: FooImpl?): Foo?\n}\n
\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • 14ad560 2.55 release
    • \n
  • 7ca9977 Add binary compatibility validator to the Gradle projects
    • \n
  • 4cd83cb Add documentation for dagger.useBindingGraphFix compiler option.
    • \n
  • 8b4f9b6 Add maven publish plugin to Gradle projects.
    • \n
  • 9daa0ae Wire resource configuration while keeping the Bazel project structure.
    • \n
  • 3418609 Move JDK toolchain, Kotlin language and JVM target configuration to conventio...
    • \n
  • 0927b9a Add flag to control LegacyBindingGraphFactory usage.
    • \n
  • 1620e92 Add Github CI step and action for building with Gradle
    • \n
  • c43783a Initial setup of Gradle as a build system for Dagger
    • \n
  • 98a0275 Fix LazyClassKey proguard file issues.
    • \n
  • Additional commits viewable in compare view
    • \n
\n
\n
\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n
", - "number": 17378, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "build(deps): bump dagger from 2.42 to 2.55 in /hiero-dependency-versions", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17378" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgWV7Lg", - "iteration": { - "duration": 14, - "iterationId": "88baf400", - "startDate": "2025-01-28", - "title": "Iteration 9" - }, - "labels": [ - "dependencies", - "Java" - ], - "milestone": { - "description": "", - "dueOn": "2025-01-24T00:00:00Z", - "title": "v0.59" - }, - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "reviewers": [ - "platform-ci", - "platform-ci-committers", - "hedera-services", - "hedera-smart-contracts-core", - "netopyr", - "tinker-michaelj", - "mishomihov00" - ], - "status": "Done", - "title": "build(deps): bump dagger from 2.42 to 2.55 in /hiero-dependency-versions" - }, - { - "assignees": [ - "andrewb1269hg" - ], - "content": { - "body": "**Description**:\r\nThe purpose of this PR is to create two workflows:\r\n\r\n`increment-next-main-release.yaml` will increment the `version.txt` file to the next minor release (Ex: 0.58.x --> 0.59.0). This will be used when a release is complete and we are working on a new release version.\r\n\r\n`flow-trigger-release.yaml` will apply a version tag using the `git-semver` tool with appropriate semantic release versioning, trigger our workflows for a release, and generate the release notes in a markdown format.\r\n\r\n**Related issue(s)**:\r\n\r\nFixes #14967 \r\n\r\n**Notes for reviewer**:\r\n\r\n\r\n**Checklist**\r\n\r\n- [x] Documented (Code comments, README, etc.) - Roger has created documentation about the process we're transitioning to for release process of 0.59 and onwards.\r\n- [x] Tested (unit, integration, etc.) - Extensively tested. The latest for action results can be found here for [incrementing the minor version number](https://github.com/hashgraph/hedera-services/actions/workflows/zxf-version-roll.yaml). The latest action results can be found here for [triggering the official release process](https://github.com/hashgraph/hedera-services/actions/workflows/flow-trigger-release.yaml).\r\n- [x] Test Procedure Documentation captured [here in Notion](https://www.notion.so/swirldslabs/hedera-services-Semantic-Release-18c7c9ab2591806bb0bfdd363477b7f5?pvs=4)\r\n", - "number": 17440, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "ci: implement semantic release process", - "type": "PullRequest", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/pull/17440" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgWjU9E", - "iteration": { - "duration": 14, - "iterationId": "7d9d129f", - "startDate": "2025-02-11", - "title": "Iteration 10" - }, - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "2025-01-24T00:00:00Z", - "title": "v0.59" - }, - "priority": "P0", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "reviewers": [ - "nathanklick", - "rbarker-dev", - "platform-ci", - "platform-ci-committers", - "release-engineering-managers", - "github-maintainers", - "nathanklick" - ], - "size": "M", - "status": "Done", - "title": "ci: implement semantic release process" - }, - { - "assignees": [ - "rbarker-dev", - "andrewb1269hg" - ], - "content": { - "body": "", - "number": 16412, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "Use solo to provision ephemeral environments running on latitude", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16412" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgUfQlI", - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "2025-01-24T00:00:00Z", - "title": "v0.59" - }, - "priority": "P0", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Backlog", - "title": "Use solo to provision ephemeral environments running on latitude" - }, - { - "assignees": [ - "rbarker-dev", - "andrewb1269hg" - ], - "content": { - "body": "", - "number": 16413, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "Update grafana metric & log labels to use standardized conventions", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16413" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgUfQl4", - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "2025-01-24T00:00:00Z", - "title": "v0.59" - }, - "priority": "P0", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Backlog", - "title": "Update grafana metric & log labels to use standardized conventions" - }, - { - "assignees": [ - "rbarker-dev", - "andrewb1269hg" - ], - "content": { - "body": "", - "number": 16414, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "Pass necessary information on metrics & logs to grafana", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16414" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgUfQmY", - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "2025-01-24T00:00:00Z", - "title": "v0.59" - }, - "priority": "P0", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Backlog", - "title": "Pass necessary information on metrics & logs to grafana" - }, - { - "assignees": [ - "rbarker-dev", - "andrewb1269hg" - ], - "content": { - "body": "- Enhance existing pipelines and ensure full support for build, test, and release workflows\r\n- Add support for publishing OCI compliant container images", - "number": 16415, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "Ensure performance testing is running (Tom's perf test)", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16415" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgUfQmw", - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "2025-01-24T00:00:00Z", - "title": "v0.59" - }, - "priority": "P0", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Backlog", - "title": "Ensure performance testing is running (Tom's perf test)" - }, - { - "assignees": [ - "rbarker-dev", - "andrewb1269hg" - ], - "content": { - "body": "- Add support for metric emission via a Prometheus compatible scrape endpoint\r\n- Ensure log output is Loki compatible\r\n- CI Pipelines:\r\n - Add build, test, and release pipelines to Oleg's test suite repository\r\n - Add support for publishing an OCI compliant container image", - "number": 16416, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "Ensure Oleg's testing is running", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16416" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgUfQnI", - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "2025-01-24T00:00:00Z", - "title": "v0.59" - }, - "priority": "P0", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Backlog", - "title": "Ensure Oleg's testing is running" - }, - { - "assignees": [ - "rbarker-dev" - ], - "content": { - "body": "", - "number": 16384, - "repository": "hiero-ledger/hiero-consensus-node", - "title": "New user controlled workflow for promoting to single day longevity tests", - "type": "Issue", - "url": "https://github.com/hiero-ledger/hiero-consensus-node/issues/16384" - }, - "id": "PVTI_lADOAdkRTM4Ak5MizgUbl80", - "labels": [ - "github_actions" - ], - "milestone": { - "description": "", - "dueOn": "2025-01-24T00:00:00Z", - "title": "v0.59" - }, - "priority": "P0", - "repository": "https://github.com/hiero-ledger/hiero-consensus-node", - "status": "Backlog", - "target Need Date": "2024-11-26", - "title": "New user controlled workflow for promoting to single day longevity tests" - } -] \ No newline at end of file