04/13/2021 - 04/27/2021
- Review process & experience:
- Moving vendor-staging to regular staging
- Adding new dev environments (sandbox, raft-review, qasp-review, a11y)
- Continue work needed for ATO (2 sprints left!)
- One inactive user task for UX
- UX to plan round 6 (sprints 20-22) and synthesize past sprint research (sprints 16-18) round 5
- Upload front end work #430, #530,
- ADR: Download Strategy
- ADR: Development Environments
- Security control implementation statements(SI-12)
- Updated Government a11y review process documentation
- Generate OWASP ZAP report as part of the CI/CD process
- Inactive users cannot log in
- Upload back end work #485, #352,#670, #457, #486
- [Developer Experience] Remove unnecessary packages
- [Developer Experience] Ability to run on windows #673
- Evil User Prioritized (Approximate) Threat Model #799
- [Design] User needs to know they are inactive
- Add dropdown for quarters selection #738
- [Developer Experience] Remove emojis from code (additional work from #673)
- Buildpacks #735
- [Spike] JWT Key Rotation Documentation
- Update Stakeholders and Personas document in code docs #804 PR to be added
- Download front end work #416
- Upload back end work: #643, #647
- Security control implementation statements, remaining technical controls in the Customer Responsibilty Matrix (AU-02)
- Implement Logging (#762, #767)
- [Infrastructure] Moving to Buildpacks #781, #844
- Antivirus work #817, #818
- [Spike] Investigate and document a plan for integrating with ACF AMS
- CI/CD Audit before ATO
- UX Planning Sprint
- Moving vendor staging to staging
- Front end updates (#430, #530) (Jorge)
- Government a11y review process (Alex P)
- OWASP ZAP Report (John)
- Evil User Journey Workshop plan (Jen & Dmitri)