Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Prod] Revert worker transactions, fix slow program query, address medium OWASP warnings #2281

Merged
merged 37 commits into from
Jul 19, 2024
Merged

[Prod] Revert worker transactions, fix slow program query, address medium OWASP warnings #2281

merged 37 commits into from
Jul 19, 2024

Conversation

thewatermethod
Copy link
Collaborator

@thewatermethod thewatermethod commented Jul 19, 2024
edited
Loading

Description of change

  • This PR reverts TTAHUB-3097 so that we can address warnings and errors in the logs that it has created.
  • It also addresses medium dynamic security scan warnings by altering our content-security policy and removing problematic HTTP response headers.
  • Finally, it optimizes a query within the activity reports service that was fetching programs separately and would cause latency when exporting CSVs.

How to test

The CI/all tests pass. Email notifications are sent without error. You can export activity report csv's.

Issue(s)

Checklists

Every PR

  • Meets issue criteria
  • JIRA ticket status updated
  • Code is meaningfully tested
  • Meets accessibility standards (WCAG 2.1 Levels A, AA)
  • API Documentation updated
  • Boundary diagram updated
  • Logical Data Model updated
  • Architectural Decision Records written for major infrastructure decisions
  • UI review complete

Before merge to main

  • OHS demo complete
  • Ready to create production PR

Production Deploy

  • Staging smoke test completed

After merge/deploy

  • Update JIRA ticket status

thewatermethod and others added 30 commits July 12, 2024 09:28
@thewatermethod
Initial OWASP tinkering
68bf924
@AdamAdHocTeam
remove one off for programs
ce95447
@AdamAdHocTeam
Tested Matts idea we can simply remove this function
5e534b7
@thewatermethod
Fix duplicative CSP keys
8f78a63
@thewatermethod
Self host Merriweather
a2a5d37
@thewatermethod
Renove extraneous Merriweathers
7bdb975
@thewatermethod
Revise style-src
1509f1d
@GarrettEHill
Update record.ts
eca68fd
@GarrettEHill
test fixes
5a90451
@thewatermethod
Merge remote-tracking branch 'origin/main' into mb/TTAHUB-3040/owasp
60a3ae6
@thewatermethod
deploy to sandbox
8c8ce2e
@thewatermethod
rollback style-src CSP changes
0e203ea
@thewatermethod
Switch to minimal plotly build
cd10e47
@thewatermethod
Reimplement strict style-src policy
5b201a5
@thewatermethod
Revert "Switch to minimal plotly build"
0c0cfe5 
This reverts commit cd10e47.
@thewatermethod
Revert "Revert "Switch to minimal plotly build""
0e421db 
This reverts commit 0c0cfe5.
@thewatermethod
What does OWASP have to say about this?
cc143e7
@thewatermethod
Use strict dynamic
62b8a4d
@thewatermethod
Use "unsafe-inline"
7cd5d4d
@thewatermethod
Revert "Revert "Revert "Switch to minimal plotly build"""
478bd4e 
This reverts commit 0e421db.
@thewatermethod
Move postCSS to peer deps and dev deps
105dd49
@thewatermethod
Rename unwanted renaming
5b08469
@thewatermethod
Might as well set the X-CONTENT-TYPE while we are here
fc549ce
@GarrettEHill
fix the error identified by Matt during review
0f6294f
@GarrettEHill
lint
a92d949
@GarrettEHill
Update record.test.js
499b8c3
@GarrettEHill
Update transactionWrapper.ts
3808c2e
@GarrettEHill
Merge pull request #2271 from HHS/TTAHUB-3125/refactor-lock
184165d 
[TTAHUB-3125] Monitoring Data Issue
@AdamAdHocTeam
Merge pull request #2268 from HHS/al-ttahub-3083-optimize-program-query
957c663 
[TTAHUB-3083] Integrate programs retrieve into normal sequelize pattern
@thewatermethod
Merge pull request #2275 from HHS/suppress-postcss-warnings
1b6af17 
Move postCSS to peer deps and dev deps
@thewatermethod thewatermethod changed the title [Prod] [Prod] Revert worker transactions, fix slow program query, address medium OWASP warnings Jul 19, 2024
@thewatermethod thewatermethod marked this pull request as ready for review July 19, 2024 16:48
@kryswisnaskas kryswisnaskas self-requested a review July 19, 2024 17:22
kryswisnaskas
kryswisnaskas approved these changes Jul 19, 2024
View reviewed changes
Copy link
Collaborator

@kryswisnaskas kryswisnaskas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Merging this since it is urgent and addresses new errors in production.

@kryswisnaskas kryswisnaskas merged commit 97e35f3 into production Jul 19, 2024
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kryswisnaskas kryswisnaskas kryswisnaskas approved these changes

@Jones-QuarteyDana Jones-QuarteyDana Awaiting requested review from Jones-QuarteyDana

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@thewatermethod @kryswisnaskas @AdamAdHocTeam @GarrettEHill