Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Won't Do
Priority: Unknown
Fix Version/s: None
Component/s: Security
Labels:
None

Epic Link:
DRIVERS-714
Server Compat:
- 6.2
Quarter:
- FY25Q1
- FY25Q2

Driver Compliance:

$i18n.getText("admin.common.words.hide")

Key	Status/Resolution	FixVersion
CDRIVER-5539	Won't Do
CXX-3012	Won't Do
CSHARP-5052	Won't Do
GODRIVER-3191	Won't Do
JAVA-5434	Won't Do
NODE-6117	Works as Designed
MOTOR-1306	Won't Do
PYTHON-4387	Won't Do
PHPLIB-1438	Won't Do
RUBY-3453	Won't Do
RUST-1923	Won't Do

$i18n.getText("admin.common.words.show")

#scriptField, #scriptField *{ border: 1px solid black; } #scriptField{ border-collapse: collapse; } #scriptField td { text-align: center; /* Center-align text in table cells */ } #scriptField td.key { text-align: left; /* Left-align text in the Key column */ } #scriptField a { text-decoration: none; /* Remove underlines from links */ border: none; /* Remove border from links */ } /* Add green background color to cells with FixVersion */ #scriptField td.hasFixVersion { background-color: #00FF00; /* Green color code */ } /* Center-align the first row headers */ #scriptField th { text-align: center; } Key Status/Resolution FixVersion CDRIVER-5539 Won't Do CXX-3012 Won't Do CSHARP-5052 Won't Do GODRIVER-3191 Won't Do JAVA-5434 Won't Do NODE-6117 Works as Designed MOTOR-1306 Won't Do PYTHON-4387 Won't Do PHPLIB-1438 Won't Do RUBY-3453 Won't Do RUST-1923 Won't Do

Note: drivers that to not publish container images can disregard this ticket.

Released container images MUST be signed with a MongoDB-owned or managed key.

Drivers MUST generate SBOM Lite documents for releases and provide those to Silk. As mentioned in the Scope: Onboard Shipped Products to Silk, the docker sbom command may be used. Providing SBOM Lite documents to Silk via S3 uploads for container images may be preferable to maintaining it in a git repository.

A list of software bundled within container releases MUST be provided to DevProd for reporting purposes.

Drivers MUST configure container scanning (e.g. using Snyk).

related to

CXX-3062 SSDLC requirements for released container images

Backlog

split to

CDRIVER-5539 SSDLC requirements for released container images

Closed

CSHARP-5052 SSDLC requirements for released container images

Closed

CXX-3012 SSDLC requirements for released container images

Closed

GODRIVER-3191 SSDLC requirements for released container images

Closed

JAVA-5434 SSDLC requirements for released container images

Closed

MOTOR-1306 SSDLC requirements for released container images

Closed

NODE-6117 SSDLC requirements for released container images

Closed

PHPLIB-1438 SSDLC requirements for released container images

Closed

PYTHON-4387 SSDLC requirements for released container images

Closed

RUBY-3453 SSDLC requirements for released container images

Closed

RUST-1923 SSDLC requirements for released container images

Closed

(7 split to)

Assignee:: Unassigned

Reporter:: Jeremy Mikola

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: Apr 15 2024 05:02:28 PM UTC

Updated:: Jul 16 2024 08:11:08 PM UTC

Resolved:: Jul 16 2024 04:35:42 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates