Production #9508

oslynn · 2023-05-16T18:11:06Z

This PR ...

If you are suggesting a fix for a currently exploitable issue, please disclose the issue to the prime-reportstream team directly outside of GitHub instead of filing a PR, so we may immediately patch the affected systems before a disclosure. See SECURITY.md/Reporting a Vulnerability for more information.

Test Steps:

Include steps to test these changes

Changes

Include a comprehensive list of changes in this PR
(For web UI changes) Include screenshots/video of changes

Checklist

Testing

Tested locally?
Ran ./prime test or ./gradlew testSmoke against local Docker ReportStream container?
(For Changes to /frontend-react/...) Ran npm run lint:write?
Added tests?

Process

Are there licensing issues with any new dependencies introduced?
Includes a summary of what a code reviewer should test/verify?
Updated the release notes?
Database changes are submitted as a separate PR?
DevOps team has been notified if PR requires ops support?

Linked Issues

Fixes #issue

To Be Done

Create GitHub issues to track the work remaining, if any

#issue

Specific Security-related subjects a reviewer should pay specific attention to

Does this PR introduce new endpoints?
- new endpoint A
- new endpoint B
Does this PR include changes in authentication and/or authorization of existing endpoints?
Does this change introduce new dependencies that need vetting?
Does this change require changes to our infrastructure?
Does logging contain sensitive data?
Does this PR include or remove any sensitive information itself?

If you answered 'yes' to any of the questions above, conduct a detailed Review that addresses at least:

What are the potential security threats and mitigations? Please list the STRIDE threats and how they are mitigated
- Spoofing (faking authenticity)
  - Threat T, which could be achieved by A, is mitigated by M
- Tampering (influence or sabotage the integrity of information, data, or system)
- Repudiation (the ability to dispute the origin or originator of an action)
- Information disclosure (data made available to entities who should not have it)
- Denial of service (make a resource unavailable)
- Elevation of Privilege (reduce restrictions that apply or gain privileges one should not have)
Have you ensured logging does not contain sensitive data?
Have you received any additional approvals needed for this change?

github-actions · 2023-05-16T18:11:27Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details

Scanned Manifest Files

github-actions · 2023-05-18T17:42:47Z

Test Results

1 268 tests +21 1 264 ✅ +21 7m 41s ⏱️ +3s
164 suites + 2 4 💤 ± 0
164 files + 2 0 ❌ ± 0

Results for commit 22e26c1. ± Comparison against base commit 7895c62.

♻️ This comment has been updated with latest results.

Fix CDC FOIA URL

Bumps [com.azure.spring:spring-cloud-azure-dependencies](https://github.com/Azure/azure-sdk-for-java) from 5.18.0 to 5.19.0. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](Azure/azure-sdk-for-java@spring-cloud-azure_5.18.0...spring-cloud-azure_5.19.0) --- updated-dependencies: - dependency-name: com.azure.spring:spring-cloud-azure-dependencies dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.4.0 to 3.4.1. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.4.0...v3.4.1) --- updated-dependencies: - dependency-name: org.springframework.boot dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [io.spring.dependency-management](https://github.com/spring-gradle-plugins/dependency-management-plugin) from 1.1.6 to 1.1.7. - [Release notes](https://github.com/spring-gradle-plugins/dependency-management-plugin/releases) - [Commits](spring-gradle-plugins/dependency-management-plugin@v1.1.6...v1.1.7) --- updated-dependencies: - dependency-name: io.spring.dependency-management dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.4.0 to 3.4.1. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.4.0...v3.4.1) --- updated-dependencies: - dependency-name: org.springframework.boot dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [com.azure.spring:spring-cloud-azure-dependencies](https://github.com/Azure/azure-sdk-for-java) from 5.18.0 to 5.19.0. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](Azure/azure-sdk-for-java@spring-cloud-azure_5.18.0...spring-cloud-azure_5.19.0) --- updated-dependencies: - dependency-name: com.azure.spring:spring-cloud-azure-dependencies dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [io.spring.dependency-management](https://github.com/spring-gradle-plugins/dependency-management-plugin) from 1.1.6 to 1.1.7. - [Release notes](https://github.com/spring-gradle-plugins/dependency-management-plugin/releases) - [Commits](spring-gradle-plugins/dependency-management-plugin@v1.1.6...v1.1.7) --- updated-dependencies: - dependency-name: io.spring.dependency-management dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [org.springframework.security:spring-security-oauth2-jose](https://github.com/spring-projects/spring-security) from 6.3.4 to 6.4.2. - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@6.3.4...6.4.2) --- updated-dependencies: - dependency-name: org.springframework.security:spring-security-oauth2-jose dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [plugin.spring](https://github.com/JetBrains/kotlin) from 2.0.21 to 2.1.0. - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/v2.1.0/ChangeLog.md) - [Commits](JetBrains/kotlin@v2.0.21...v2.1.0) --- updated-dependencies: - dependency-name: plugin.spring dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [org.springframework.cloud:spring-cloud-dependencies](https://github.com/spring-cloud/spring-cloud-release) from 2023.0.3 to 2023.0.4. - [Release notes](https://github.com/spring-cloud/spring-cloud-release/releases) - [Commits](spring-cloud/spring-cloud-release@v2023.0.3...v2023.0.4) --- updated-dependencies: - dependency-name: org.springframework.cloud:spring-cloud-dependencies dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [plugin.spring](https://github.com/JetBrains/kotlin) from 2.0.21 to 2.1.0. - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/v2.1.0/ChangeLog.md) - [Commits](JetBrains/kotlin@v2.0.21...v2.1.0) --- updated-dependencies: - dependency-name: plugin.spring dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [io.github.oshai:kotlin-logging-jvm](https://github.com/oshai/kotlin-logging) from 7.0.0 to 7.0.3. - [Release notes](https://github.com/oshai/kotlin-logging/releases) - [Changelog](https://github.com/oshai/kotlin-logging/blob/master/ChangeLog-old.md) - [Commits](https://github.com/oshai/kotlin-logging/commits) --- updated-dependencies: - dependency-name: io.github.oshai:kotlin-logging-jvm dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.5.2 to 1.5.4. - [Release notes](https://github.com/networknt/json-schema-validator/releases) - [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md) - [Commits](networknt/json-schema-validator@1.5.2...1.5.4) --- updated-dependencies: - dependency-name: com.networknt:json-schema-validator dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps `jacksonVersion` from 2.18.1 to 2.18.2. Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.18.1 to 2.18.2 - [Commits](FasterXML/jackson-dataformats-text@jackson-dataformats-text-2.18.1...jackson-dataformats-text-2.18.2) Updates `com.fasterxml.jackson.core:jackson-databind` from 2.18.1 to 2.18.2 - [Commits](https://github.com/FasterXML/jackson/commits) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-yaml dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [org.springdoc:springdoc-openapi-starter-webflux-ui](https://github.com/springdoc/springdoc-openapi) from 2.6.0 to 2.7.0. - [Release notes](https://github.com/springdoc/springdoc-openapi/releases) - [Changelog](https://github.com/springdoc/springdoc-openapi/blob/main/CHANGELOG.md) - [Commits](springdoc/springdoc-openapi@v2.6.0...v2.7.0) --- updated-dependencies: - dependency-name: org.springdoc:springdoc-openapi-starter-webflux-ui dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [com.zaxxer:HikariCP](https://github.com/brettwooldridge/HikariCP) from 6.2.0 to 6.2.1. - [Changelog](https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES) - [Commits](brettwooldridge/HikariCP@HikariCP-6.2.0...HikariCP-6.2.1) --- updated-dependencies: - dependency-name: com.zaxxer:HikariCP dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps commons-io:commons-io from 2.17.0 to 2.18.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [io.github.java-diff-utils:java-diff-utils](https://github.com/java-diff-utils/java-diff-utils) from 4.11 to 4.15. - [Release notes](https://github.com/java-diff-utils/java-diff-utils/releases) - [Changelog](https://github.com/java-diff-utils/java-diff-utils/blob/master/CHANGELOG.md) - [Commits](java-diff-utils/java-diff-utils@java-diff-utils-parent-4.11...java-diff-utils-parent-4.15) --- updated-dependencies: - dependency-name: io.github.java-diff-utils:java-diff-utils dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [com.hierynomus:sshj](https://github.com/hierynomus/sshj) from 0.38.0 to 0.39.0. - [Commits](hierynomus/sshj@v0.38.0...v0.39.0) --- updated-dependencies: - dependency-name: com.hierynomus:sshj dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

platform/dependabot/2024-12-26

* Onboard Marshall Island to UP * Setted convertDateTimesToReceiverLocalTime: true * Add Translation Test to the PR

Deployment of 2025-01-02

github-actions · 2025-01-02T16:09:14Z

Branch deployed to Chromatic 🚀.

⚠️ Detected 0 tests with visual changes.
✅ All tests passed.

View via:

Chromatic: https://www.chromatic.com/build?appId=6419b81d4a47163c3050f14a&number=1329
Storybook: https://6419b81d4a47163c3050f14a-rdhflgcody.chromatic.com/

github-actions · 2025-01-02T16:16:41Z

⚠️ Broken Links ⚠️

❌ https://www.hhs.gov/vulnerability-disclosure-policy/index.html

Error: Request failed with status code 403

❌ /assets/xlsm/20241204_ReportStream-Mapping-Template.xlsm

Error: Internal link: Page error

❌ https://www.cdc.gov/poxvirus/mpox/lab-personnel/report-results.html

Error: Request failed with status code 404

oslynn temporarily deployed to staging May 16, 2023 18:11 — with GitHub Actions Inactive

kant777 temporarily deployed to staging May 18, 2023 17:35 — with GitHub Actions Inactive

kant777 temporarily deployed to prod May 18, 2023 17:35 — with GitHub Actions Inactive

kant777 temporarily deployed to prod May 18, 2023 17:43 — with GitHub Actions Inactive

oslynn temporarily deployed to prod May 23, 2023 17:23 — with GitHub Actions Inactive

oslynn temporarily deployed to staging May 23, 2023 17:23 — with GitHub Actions Inactive

oslynn temporarily deployed to prod May 23, 2023 17:34 — with GitHub Actions Inactive

brick-green temporarily deployed to prod May 25, 2023 14:55 — with GitHub Actions Inactive

brick-green temporarily deployed to staging May 25, 2023 14:55 — with GitHub Actions Inactive

brick-green temporarily deployed to prod May 25, 2023 15:03 — with GitHub Actions Inactive

thetaurean temporarily deployed to prod May 30, 2023 18:43 — with GitHub Actions Inactive

thetaurean temporarily deployed to staging May 30, 2023 18:43 — with GitHub Actions Inactive

thetaurean temporarily deployed to prod May 30, 2023 18:53 — with GitHub Actions Inactive

thetaurean temporarily deployed to staging June 1, 2023 18:14 — with GitHub Actions Inactive

thetaurean temporarily deployed to prod June 1, 2023 18:14 — with GitHub Actions Inactive

thetaurean temporarily deployed to prod June 1, 2023 18:24 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to staging June 8, 2023 19:13 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to prod June 8, 2023 19:13 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to prod June 8, 2023 19:22 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to prod June 13, 2023 18:23 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to staging June 13, 2023 18:24 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to prod June 13, 2023 18:35 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to staging June 15, 2023 17:07 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to prod June 15, 2023 17:07 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to prod June 15, 2023 17:16 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to prod June 20, 2023 17:35 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to staging June 20, 2023 17:35 — with GitHub Actions Inactive

jack-h-wang temporarily deployed to prod June 20, 2023 17:50 — with GitHub Actions Inactive

etanb and others added 23 commits December 24, 2024 15:14

Merge pull request #16781 from CDCgov/devs3ecops/matts/fix-foia

1a97ce6

Fix CDC FOIA URL

disambiguate argument type in sshj mocks

166ac13

Merge pull request #16909 from CDCgov/platform/dependabot/2024-12-26

ba596b5

platform/dependabot/2024-12-26

Onboard Marshall Island to UP (#16900)

345f93c

* Onboard Marshall Island to UP * Setted convertDateTimesToReceiverLocalTime: true * Add Translation Test to the PR

Merge pull request #16940 from CDCgov/deployment/2025-01-02

22e26c1

Deployment of 2025-01-02

jalbinson temporarily deployed to prod January 2, 2025 16:05 — with GitHub Actions Inactive

jalbinson deployed to prod-router January 2, 2025 16:17 — with GitHub Actions Active

jalbinson temporarily deployed to prod January 2, 2025 16:20 — with GitHub Actions Inactive

jalbinson deployed to prod-frontend January 2, 2025 16:36 — with GitHub Actions Active

jalbinson temporarily deployed to prod January 2, 2025 16:38 — with GitHub Actions Inactive

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Production #9508

Production #9508

oslynn commented May 16, 2023

github-actions bot commented May 16, 2023 •

edited

Loading

github-actions bot commented May 18, 2023 •

edited

Loading

github-actions bot commented Jan 2, 2025

github-actions bot commented Jan 2, 2025

Production #9508

Are you sure you want to change the base?

Production #9508

Conversation

oslynn commented May 16, 2023

Changes

Checklist

Testing

Process

Linked Issues

To Be Done

Specific Security-related subjects a reviewer should pay specific attention to

github-actions bot commented May 16, 2023 • edited Loading

Dependency Review

OpenSSF Scorecard

Scanned Manifest Files

github-actions bot commented May 18, 2023 • edited Loading

Test Results

github-actions bot commented Jan 2, 2025

github-actions bot commented Jan 2, 2025

⚠️ Broken Links ⚠️

github-actions bot commented May 16, 2023 •

edited

Loading

github-actions bot commented May 18, 2023 •

edited

Loading