You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<!-- Please copy-paste the brief user story or bug description that this PR is intended to address. -->
13
10
14
11
### What Does This PR Do?
15
-
16
12
<!--
17
13
Add detailed description & discussion of changes here.
18
-
The contents of this section should be used as your commit message (unless you merge the PR via a merge commit, of course).
19
-
20
-
Please follow standard Git commit message guidelines:
21
-
* First line should be a capitalized, short (50 chars or less) summary.
22
-
* The rest of the message should be in standard Markdown format, wrapped to 72 characters.
23
-
* Describe your changes in imperative mood, e.g. "make xyzzy do frotz" instead of "[This patch] makes xyzzy do frotz" or "[I] changed xyzzy to do frotz", as if you are giving orders to the codebase to change its behavior.
24
-
* List all relevant Jira issue keys, one per line at the end of the message, per: <https://confluence.atlassian.com/jirasoftwarecloud/processing-issues-with-smart-commits-788960027.html>.
Add some items to the following list, or remove the entire section if it doesn't apply for some reason.
33
-
34
18
Common items include:
35
19
* Is this likely to address the goals expressed in the user story?
36
20
* Are any additional documentation updates needed?
@@ -40,55 +24,22 @@ Common items include:
40
24
* Can you find any bugs if you run the code locally and test it manually?
41
25
-->
42
26
43
-
If you're reviewing this PR, please check these things, in particular:
44
-
45
-
- TODO
46
-
47
-
### What Security Implications Does This PR Have?
48
-
49
-
Submitters should complete the following questionnaire:
50
-
51
-
- If the answer to any of the questions below is **Yes**, then here's a link to the associated Security Impact Assessment (SIA), security checklist, or other similar document in Confluence: N/A.
52
-
- Does this PR add any new software dependencies? **Yes** or **No**.
53
-
- Does this PR modify or invalidate any of our security controls? **Yes** or **No**.
54
-
- Does this PR store or transmit data that was not stored or transmitted before? **Yes** or **No**.
55
-
- If the answer to any of the questions below is **Yes**, then please add a Security Engineer and ISSO as a reviewer, and note that this PR should not be merged unless/until he also approves it.
56
-
- Do you think this PR requires additional review of its security implications for other reasons? **Yes** or **No**.
27
+
If you're reviewing this PR, please check for these things in particular:
28
+
<!-- Add some items here -->
57
29
58
-
### What Needs to Be Merged and Deployed Before this PR?
30
+
### Validation
59
31
60
32
<!--
61
-
Add some items to the following list, or remove the entire section if it doesn't apply.
62
-
63
-
Common items include:
64
-
* New features in external dependencies (e.g. BB2-API).
33
+
Have you fully verified and tested these changes? Is the acceptance criteria met? Please provide reproducible testing instructions, code snippets, or screenshots as applicable.
65
34
-->
66
35
67
-
This PR cannot be either merged or deployed until the following pre-requisite changes have been fully deployed:
68
-
69
-
-CMSgov/some_repo#42
70
-
71
-
<!--
72
-
Helpful hint: if needed, Git allows you to edit your PR's commits and history, prior to merge.
Please indicate if this PR does any of the following:
78
39
79
-
I have gone through and verified that...:
40
+
* Adds any new software dependencies
41
+
* Modifies any security controls
42
+
* Adds new transmission or storage of data
43
+
* Any other changes that could possibly affect security?
80
44
81
-
-[ ] This PR is reasonably limited in scope, to help ensure that:
82
-
1. It doesn't unnecessarily tie a bunch of disparate features, fixes, refactorings, etc. together.
83
-
2. There isn't too much of a burden on reviewers.
84
-
3. Any problems it causes have a small "blast radius".
85
-
4. It'll be easier to rollback if that becomes necessary.
86
-
-[ ] I have named this PR and its branch such that they'll be automatically be linked to the (most) relevant Jira issue, per: <https://confluence.atlassian.com/adminjiracloud/integrating-with-development-tools-776636216.html>.
87
-
-[ ] This PR includes any required documentation changes, including `README` updates and changelog / release notes entries.
88
-
-[ ] All new and modified code is appropriately commented, such that the what and why of its design would be reasonably clear to engineers, preferably ones unfamiliar with the project.
89
-
-[ ] All tech debt and/or shortcomings introduced by this PR are detailed in `TODO` and/or `FIXME` comments, which include a JIRA ticket ID for any items that require urgent attention.
90
-
-[ ] Reviews are requested from both:
91
-
- At least two other engineers on this project, at least one of whom is a senior engineer or owns the relevant component(s) here.
92
-
- Any relevant engineers on other projects (e.g. BFD, SLS, etc.).
93
-
-[ ] Any deviations from the other policies in the [DASG Engineering Standards](https://github.com/CMSgov/cms-oeda-dasg/blob/master/policies/engineering_standards.md) are specifically called out in this PR, above.
94
-
- Please review the standards every few months to ensure you're familiar with them.
45
+
-[ ] Yes, one or more of the above security implications apply. This PR must not be merged without the ISSO or team security engineer's approval.
0 commit comments