deft/reports/FY23-Yann-report.org

Yann FY23 Report

• Yann [164]
  • clj-jwt [3 (3 / 0)]
  • ctia [1 (1 / 0)]
  • iroh [88 (85 / 3)]
  • oauth2-client-demo [4 (4 / 0)]
  • ring-jwt-middleware [3 (3 / 0)]
  • scopula [13 (13 / 0)]
  • tenzin [2 (2 / 0)]
  • tenzin-config [24 (24 / 0)]
  • xdr-provisioning [26 (26 / 0)]

Yann [164]

clj-jwt [3 (3 / 0)]

• W27 Version 0.5.2-SNAPSHOT
• W27 Version 0.5.1
• W27 Merge pull request #4 from latacora/master

ctia [1 (1 / 0)]

• W10 bump snakeyaml to address CVE-2022-38751 #1346

iroh [88 (85 / 3)]

• W30 Fix a URL detection from HTML #8165
• W30 Revert "Incident Summary Migration" #8163
• W30 [Monetization]: Fix business logic of data retention #8142
• W30 Allow braces with iroh-core/strint #8051
• W29 Remove SecureX branding and attempt to match SCSO branding for invitation and OAuth2 authorization #8111
• W29 [Registration UI]: Reword to remove SX reference #8110
• W29 Entitlement summary technical values #8094
• W29 [PIAM] Make enterprise id mandatory for piam #8069
• W28 PIAM: Enhance provisioning tracking #8061
• W27 Make country-name optional from the whoami. #8050
• W27 Do not send email for XDR org during AO bootstrap #8045
• W27 [PIAM] Show the whole response on onboarding errors #8039
• W27 Makes feature-flag change access more precise #8026
• W27 Revert "woke tool added (#7926)" #8029
• W25 Sorted Idps #7997
• W25 Add default value in the Swagger UI description. #7995
• W24 Hide even more hidden APIs #7979
• W24 [PIAM]: Support passing body parameter to onboarding via Provisioning API #7986
• W24 Upgrade SX to XDR org via provisioning #7981
• W24 feature-flag scopes are considered as special #7985
• W24 fix local dev environment to be able to start locally without docker #7944
• W23 Use org to display the roles as expected #7952
• W22 Fix SCSO rebrand name. #7937
• W22 Rebrand from SecureX Sign-On to Secure Cloud Sign-on #7935
• W22 A few additional helpers #7914
• W20 [IROH Auth] Entitlement Service #7870
• W19 Change the scope for ff change #7857
• W18 replace clj-momo deep-merge #7815
• W17 Add a missing option to disable default configs #7805
• W17 Add a script to init tokens without login in #7794
• W17 Fix schema for Response #7804
• W17 Add support to onboard a single app #7796
• W17 Add a role instrospection route to help the UI and other clients #7785
• W17 Fix scopes declaration for execute-workflow route #7799
• W16 Fix a Swagger bug due to schema name conflict #7790
• W14 Web api search improvements #7728
• W14 add profile and notification to ao-jwt #7726
• W14 Tk store combinator search queries (AND, OR, NOT) #7691
• W13 Fix a case where the body is nil #7685
• W13 Add xdr-instance-id field to the orgs #7707
• W13 PIAM: Provisioning onboard endpoint #7659
• W12 Add ff scope script #7680
• W12 added a script to add feature-flag scopes from command line #7676
• W12 prefer to use client from DB than client from config #7672
• W12 Align scopes to SXO behaviour #7673
• W11 fix lein start #7663
• W11 PIAM provisioning no idp-mapping for create user #7655
• W11 Default bootstrap & config #6868
• W10 Add Entitlements to Orgs #7631
• W10 Remove yaml to supported format for profile API #7632
• W10 Fix a flaky test in either_test.clj #7610
• W09 Role Matrix representation in the code. #7583
• W08 fix some wording only for admin users view #7579
• W07 Improve User login logs situation #7555
• W07 Added a composable redis.nix #7535
• W04 Fix template rendering during invite confirmation #7480
• W04 Display virtual users in the batch get users #7473
• W02 Add the UI session logout into IROH-Auth #7431
• W51 Use short random id for code and csrf #7417
• W50 Revoked grant should reject event trusted clients #7394
• W47 RBAC Technical Design #7314
• W47 Open Impersonate INT/TEST to help UI dev #7316
• W42 Add kibana links to Admin UI #7224
• W42 Fix a login button bug in the cross-region admin UI #7214
• W42 Update ini4j to 0.5.4 #7199
• W41 Fix logic for Allow All Role to login #7185
• W41 Deploy the Cross Region Admin UI #7177
• W41 bump to jackson-databind 2.14.0-rc1 #7160
• W40 Update jackson-databind #7159
• W39 Provide a TAC route to change the user's role #7133
• W39 Fix PIAM Provisioning #7129
• W39 [Platform] PIAM targeted Provisioning CRUD #7073
• W39 Fix 500 error response on invalid JWT #7112
• W38 [IROH-Auth]: Support wildcard for allowed-login-origin on INT #7085
• W38 Fix and Improve some HTML pages #7079
• W37 Fix master #7069
• W37 Improve Auth Mgmt logs #7067
• W37 Add structured logs to SSE proxy #7065
• W37 Improve error message on DB schema error #7061
• W36 Add a testing case for custom OAuth2 routes #7033
• W36 Cleanup tests 2022 08 #7014
• W36 Improve the script to delete duplicate accounts #7028
• W35 Attempt to use iroh-crud for UserService #7008
• W34 Improve Org/User Services Either 2nd #7002
• W31 Session token lifetime with code param #6818

between 12 and 13 months ago

• W30 remove random-uuid overide warning #6940
• W27 disable vulnscan #6864
• W27 Script to remove duplicate users #6826

oauth2-client-demo [4 (4 / 0)]

• W41 Add local env
• W41 Parametrize the device code test
• W41 support public device grant clients
• W41 improved doc

ring-jwt-middleware [3 (3 / 0)]

• W24 Version 1.1.4-SNAPSHOT
• W24 Version 1.1.3
• W24 Support external error via is-revoked-fn

scopula [13 (13 / 0)]

• W49 Version 0.3.1-SNAPSHOT
• W49 Version 0.3.0
• W49 updated version and deps
• W49 Merge pull request #5 from threatgrid/scope-aliases
• W49 Minor fixes, update README
• W49 Use scopes set length instead of count
• W47 Update README.org
• W47 minor corrections
• W47 Improve scope-aliases
• W44 Improve methodology to not fail on special cases
• W44 Basic compression heuristic for aliases
• W44 Make scopes-expand additive only
• W44 Add scope-expand function

tenzin [2 (2 / 0)]

• W13 use iroh.main for all nodes types #2862
• W13 Update iroh.job.jinja #2861

tenzin-config [24 (24 / 0)]

• W25 Configure SCA in all missing envs #927
• W24 Enable XDR roles in PROD #919
• W23 factorize PROD #917
• W23 Add role-web-service config everywhere #911
• W23 Canonicalize the configs (#913) #915
• W23 Canonicalize the configs #913
• W23 Add missing role-web-service everywhere #910
• W23 Gen configs git pre-commit hook #908
• W23 Factorisation iroh/iroh-async confs #904
• W23 Tree config structures to prevent config duplication. #901
• W22 Fix SCSO name #898
• W22 rebrand from SecureX Sign-On to Secure Cloud Sign-on #896
• W16 fix missing iroh-async web-services #884
• W16 align iroh and iroh-async confs #883
• W15 Add CSC onboarding URLs #875
• W13 fix provisioning service #863
• W13 PIAM config change (+ boostrap cleanup) #677
• W09 add perf.orbital.threatgrid.com to allowed login origin #854
• W51 sorted router server #810
• W51 sorted bootstrap on INT #809
• W47 provide open impersonate on INT/TEST #782
• W46 update TG clients for new ribbon #774
• W41 Cross Region UI conf #745
• W38 Added ENV and Region in the confs #729

xdr-provisioning [26 (26 / 0)]

• W30 Add a script to cleanup test accounts
• W30 rename script and improve error
• W30 minor improvement
• W30 fix ISO code to use 2 chars only
• W30 use the env from the table
• W30 fix tsv-to-commands.sh
• W30 add tsv-to-commands.sh
• W29 add an option to force di and csc onboarding even for org upgrade
• W27 improve README.md
• W27 update help errror message
• W27 update the doc
• W27 Updated the script to match all possible use case
• W27 Add SXO to the modules to add for SCA owners.
• W27 Improved doc and safety
• W27 Check if user is admin and improve creation check
• W27 Improved upgrade PATH
• W27 Provide two scripts
• W27 Merge pull request #1 from advthreat/sca-support
• W27 add a few logs and better error support
• W27 Add XDR feature-flag
• W27 Optional support for SCA
• W17 Improve help regarding setting env vars
• W17 Improve the command line parsing
• W17 rename script to .sh
• W17 Add onboarding of DI and CSC
• W16 Initial provisioning Script