updates
This commit is contained in:
parent
9800d93a95
commit
38b362dbc8
|
|
@ -23,3 +23,4 @@ screen.
|
|||
* Tracking things to do
|
||||
- Capturing /and scheduling/ tasks
|
||||
- Using the [[id:4d7dffe3-4af4-41d0-85a2-270a20593c8d][Org Mode]] agenda view to plan my day
|
||||
- [[id:038c58e9-2fe9-495a-8dfb-bc3c1c538ad1][Managing projects]]
|
||||
|
|
|
|||
|
|
@ -0,0 +1,5 @@
|
|||
:PROPERTIES:
|
||||
:ID: 65fa9de5-afa9-406c-8576-d94380cc3bec
|
||||
:ROAM_ALIASES: XSS
|
||||
:END:
|
||||
#+title: Cross Site Scripting
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
:PROPERTIES:
|
||||
:ID: e4a20390-fecb-46ff-8949-4f456abdbb09
|
||||
:END:
|
||||
#+title: SQL Injection
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
:PROPERTIES:
|
||||
:ID: 038c58e9-2fe9-495a-8dfb-bc3c1c538ad1
|
||||
:END:
|
||||
#+title: How I manage my projects
|
||||
|
||||
I keep an [[id:0567a35c-3afb-4ed5-a9ec-47425c5d6f06][Org-roam]] file dedicated to my [[id:207560cc-7700-4d06-918d-cc01ae530146][Projects]]. Each project, once it's
|
||||
fleshed out as more than just an idea, gets its own file that its heading links
|
||||
to.
|
||||
|
|
@ -20,7 +20,7 @@
|
|||
:LOGBOOK:
|
||||
- State "TODO" from [2021-09-01 Wed 13:42]
|
||||
:END:
|
||||
** TODO [[id:6413d680-ee2e-43e6-b7c7-10f14e0873c2][Deploying Bulk Tagging to Kubernetes]]
|
||||
** DONE [[id:6413d680-ee2e-43e6-b7c7-10f14e0873c2][Deploying Bulk Tagging to Kubernetes]]
|
||||
:PROPERTIES:
|
||||
:JIRA_ID: CCPANEL-11615
|
||||
:END:
|
||||
|
|
@ -41,26 +41,28 @@
|
|||
:LOGBOOK:
|
||||
- State "TODO" from [2021-09-01 Wed 13:42]
|
||||
:END:
|
||||
** TODO Recipient Service
|
||||
** TODO Deploying Recipient Service to Kubernetes
|
||||
:LOGBOOK:
|
||||
- State "TODO" from [2021-10-13 Wed 16:26]
|
||||
:END:
|
||||
** TODO Tagging Service
|
||||
** TODO Deploying Tagging Service to Kubernetes
|
||||
:LOGBOOK:
|
||||
- State "TODO" from [2021-10-13 Wed 16:26]
|
||||
:END:
|
||||
* Tracking live vs dead / removed code branches in Sites
|
||||
* [[id:3cc8bd09-dd02-4950-8c89-a737f92809fd][Tracking progress of moving pages out of Sites]]
|
||||
* [[id:11edd6c9-b976-403b-a419-b5542ddedaae][Subscriber Search Service]]
|
||||
* [[id:c45881de-46f2-4f76-9579-063626c5956c][Analytics View Service]]
|
||||
* Replace CAPI Services
|
||||
** List API
|
||||
*** TODO Set EOL date for awlists
|
||||
* [[id:4df15f2f-d2e1-40f4-8acd-dbfb78fe304f][Deploy CoreAPI to Kubernetes]]
|
||||
* Replacing CAPI Services
|
||||
** [[id:619b6c78-7be9-4ee4-a0b7-9d1a4d7536e2][Migrating services to use the new List service]]
|
||||
*** DONE Set EOL date for awlists
|
||||
- [2021-08-13 Fri 15:21] :: Discussed this. Also talked about separation of
|
||||
concerns about account status vs list status. Also discussed how an
|
||||
entitlements service might fit into our architecture and how we handle state
|
||||
transitions and reverals (e.g. cancellations).
|
||||
- [2021-08-17 Tue 16:44] :: Set a one-year time limit? Should the public list
|
||||
endpoints be in the new service as well, deprecating public api lists?
|
||||
- [2021-10-18 Mon] :: The expectation is set to be migrated to the new list service exclusively by the end of Q2 2022
|
||||
** Subscribers API
|
||||
* Frontend Client Upgrades
|
||||
** Upgrade Dashboard to React
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@
|
|||
#+end_src
|
||||
|
||||
#+RESULTS:
|
||||
[[file:controllers-migrated-in-sites.png]]
|
||||
[[file:None]]
|
||||
|
||||
** Controllers in Sites
|
||||
#+caption: Identifying the total number of public controllers in the CP
|
||||
|
|
@ -51,7 +51,7 @@
|
|||
#+end_src
|
||||
|
||||
#+RESULTS: js-controller-count
|
||||
: 24
|
||||
: 25
|
||||
|
||||
* Progress over time
|
||||
|
||||
|
|
@ -77,7 +77,7 @@
|
|||
#+end_src
|
||||
|
||||
#+RESULTS:
|
||||
[[file:controllers-migrated-in-sites-over-time.png]]
|
||||
[[file:None]]
|
||||
|
||||
#+caption: Identifying the last tagged release each month
|
||||
#+name: tags
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
* Sanitizing tag display
|
||||
|
||||
** TODO In the autocomplete of the tag input box
|
||||
** DONE In the autocomplete of the tag input box
|
||||
Fixes [[https://jira.aweber.io/browse/CCPANEL-11654][CCPANEL-11654]].
|
||||
|
||||
https://gitlab.aweber.io/BoFs/FE/libraries/tagbox/-/merge_requests/29
|
||||
|
|
@ -17,5 +17,5 @@ https://gitlab.aweber.io/BoFs/FE/libraries/tagbox/-/merge_requests/29
|
|||
** TODO [[id:cd4a8a83-be53-4ec9-8cca-b6f34b59ba35][Subscriber Proxy]]
|
||||
** TODO [[id:321075e7-db53-4676-b785-7c77ed9d1150][Bulk Tagging]]
|
||||
** TODO [[id:7e503917-646f-4275-aab9-3a125b99cbfd][Tagging]]
|
||||
*** Remove outbound sanitization
|
||||
*** Add inbound validation
|
||||
*** TODO Add inbound validation
|
||||
*** TODO Remove outbound sanitization
|
||||
|
|
|
|||
|
|
@ -0,0 +1,6 @@
|
|||
:PROPERTIES:
|
||||
:ID: 0e5f578f-96a2-47d8-8dd9-d0d7f1e4fc35
|
||||
:END:
|
||||
#+title: CP Leads and Product Sync-Up
|
||||
|
||||
A weekly discussion on team priorities.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
:PROPERTIES:
|
||||
:ID: 0a1e48ec-e132-4ec4-81a1-124711330b5a
|
||||
:END:
|
||||
#+title: Manager one-on-one
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
:PROPERTIES:
|
||||
:ID: 619b6c78-7be9-4ee4-a0b7-9d1a4d7536e2
|
||||
:END:
|
||||
#+title: Migrating services to use the new List service
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
:PROPERTIES:
|
||||
:ID: 4df15f2f-d2e1-40f4-8acd-dbfb78fe304f
|
||||
:END:
|
||||
#+title: Deploy CoreAPI to Kubernetes
|
||||
|
||||
- Merge the sub-projects into CAPI?
|
||||
- API Suspenders replacement?
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
:PROPERTIES:
|
||||
:ID: b4438e41-42ed-422e-a1f1-0b763da70fe6
|
||||
:ROAM_REFS: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
|
||||
:END:
|
||||
#+title: Cross Site Scripting Prevention - OWASP Cheat Sheet Series
|
||||
|
||||
Includes notes on performing [[id:2ba04972-f498-41c2-970e-a64c7f3f1c3b][Data sanitization]] on HTML output for the prevension
|
||||
of [[id:65fa9de5-afa9-406c-8576-d94380cc3bec][Cross Site Scripting]] attacks.
|
||||
|
|
@ -0,0 +1,20 @@
|
|||
:PROPERTIES:
|
||||
:ID: 4721a3f0-2f1b-446b-8fc4-dd3b7ca56a35
|
||||
:END:
|
||||
#+title: 2021-10-14
|
||||
|
||||
* Catching up with Ryan M on tag processing
|
||||
- Ryan is looking into a variety of issues around tags on CC
|
||||
- CC-2720 (Tag triggered campaign does not trigger for some subscribers)
|
||||
- CC-6944 (Tag Applied Did Not Trigger Active Campaign)
|
||||
- Ryan's personal dashboard [[https://grafana.aweber.io/d/kLkwIXv7z/rules-engine-insights?orgId=1][Rules Engine Insights]]
|
||||
- Rules engine gets slow from time to time
|
||||
- Rule search endpoint can take up to 10s
|
||||
- There is definitely some subscriber contention, but it doesn't appear to
|
||||
be particularly severe
|
||||
- Slowdowns seem to be best related to rule service slowness
|
||||
- Rule service will be updated to get more insight into what's happening
|
||||
- Needs more metrics
|
||||
- Move into k8s?
|
||||
- Currently, we still don't know what's going on. Ryan will be spending time in
|
||||
the coming sprint to continue investigating the rule service.
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
:PROPERTIES:
|
||||
:ID: 0a10f78a-1ac5-480c-ba18-ba4b02d99c14
|
||||
:END:
|
||||
#+title: 2021-10-19
|
||||
|
||||
* [[id:0e5f578f-96a2-47d8-8dd9-d0d7f1e4fc35][CP Leads and Product Sync-Up]]
|
||||
- Finding a more cohesive strategy for FE work
|
||||
- Different work between David G and David R
|
||||
- Need a better understanding of dependencies between projects
|
||||
- Can I get more involved with the planning around frontend projects? ([[file:~/Nextcloud/org/aweber.org::*Can I get more involved with the planning around frontend projects?][TODO]]
|
||||
)
|
||||
- Defining deadlines for BE service work
|
||||
- Set team goals on when we want to have things done
|
||||
- Define dates for [[id:c45881de-46f2-4f76-9579-063626c5956c][Analytics View Service]] and [[id:11edd6c9-b976-403b-a419-b5542ddedaae][Subscriber Search Service]] ([[file:~/Nextcloud/org/aweber.org::*Define dates for analytics view and search
|
||||
service][TODO]])
|
||||
- Plan an order of attack on larger KTLO [[id:207560cc-7700-4d06-918d-cc01ae530146][Projects]] (goals for end of this year
|
||||
and next year)
|
||||
- [[id:e4d00c11-da8a-4c91-8f38-ce939846e5cb][CAPI]]
|
||||
- [[id:619b6c78-7be9-4ee4-a0b7-9d1a4d7536e2][Migrating services to use the new List service]]
|
||||
- [[id:4df15f2f-d2e1-40f4-8acd-dbfb78fe304f][Deploy CoreAPI to Kubernetes]]
|
||||
- API Suspenders replacement
|
||||
- Remaining services in Chef
|
||||
- Migrating notification bar
|
||||
- Remove requirement of LDAP for notification creation?
|
||||
- Moving services out of AWS
|
||||
- [[id:6413d680-ee2e-43e6-b7c7-10f14e0873c2][Bulk Tagging]]
|
||||
- Tagging
|
||||
- Recipient
|
||||
- Mapping
|
||||
- List settings mockup into React
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
:PROPERTIES:
|
||||
:ID: 29e51b04-ce89-4934-b17f-1f64bffc2069
|
||||
:END:
|
||||
#+title: 2021-10-20
|
||||
* [[id:0a1e48ec-e132-4ec4-81a1-124711330b5a][Manager one-on-one]]
|
||||
- Discuss better ways of:
|
||||
- Capturing new projects
|
||||
- Transforming old projects as priorities shift
|
||||
- Keeping the project list and priorities at the forefront
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
:PROPERTIES:
|
||||
:ID: 5ca2142d-35b2-4230-9268-7c693cb392a5
|
||||
:ROAM_REFS: https://benhoyt.com/writings/dont-sanitize-do-escape/
|
||||
:END:
|
||||
#+title: Don’t try to sanitize input. Escape output.
|
||||
Promotes the use of [[id:9914d09e-99fe-46a6-95be-676c5b78ed90][Input validation]] over [[id:2ba04972-f498-41c2-970e-a64c7f3f1c3b][Data sanitization]] on input data,
|
||||
advocating that data be sanitized on output only ([[id:05698e38-65b2-496c-b02b-1db376ae734c][Validation vs Sanitization]]).
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
:PROPERTIES:
|
||||
:ID: e1e28807-b3fe-4de8-b2e4-443ac604827c
|
||||
:ROAM_REFS: https://shiflett.org/articles/input-filtering
|
||||
:END:
|
||||
#+title: Input Filtering, by Chris Shiflett
|
||||
|
||||
Chris defines what he means by "Input Filtering" ([[id:9914d09e-99fe-46a6-95be-676c5b78ed90][Input validation]])
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
:PROPERTIES:
|
||||
:ID: 1383ec6f-39bb-40c5-8316-6b77d1a25232
|
||||
:ROAM_REFS: https://kevinsmith.io/sanitize-your-inputs/
|
||||
:END:
|
||||
#+title: Sanitize Your Inputs? | Kevin Smith
|
||||
|
||||
An article on the viability of using [[id:2ba04972-f498-41c2-970e-a64c7f3f1c3b][Data sanitization]] on input data versus
|
||||
[[id:9914d09e-99fe-46a6-95be-676c5b78ed90][Input validation]] ([[id:05698e38-65b2-496c-b02b-1db376ae734c][Validation vs Sanitization]]). References [[id:4a7f50e1-2f2b-4bf5-b684-151a48af0281][The Basics of Web
|
||||
Application Security]] and [[id:e1e28807-b3fe-4de8-b2e4-443ac604827c][Input Filtering, by Chris Shiflett]].
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
:PROPERTIES:
|
||||
:ID: 2bcfcaa9-2d38-41c4-994d-98f38547b943
|
||||
:ROAM_REFS: https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
|
||||
:END:
|
||||
#+title: SQL Injection Prevention - OWASP Cheat Sheet Series
|
||||
|
||||
Includes notes on performing [[id:2ba04972-f498-41c2-970e-a64c7f3f1c3b][Data sanitization]] on SQL queries to prevent [[id:e4a20390-fecb-46ff-8949-4f456abdbb09][SQL
|
||||
Injection]] attacks.
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
:PROPERTIES:
|
||||
:ID: 4a7f50e1-2f2b-4bf5-b684-151a48af0281
|
||||
:ROAM_REFS: https://martinfowler.com/articles/web-security-basics.html
|
||||
:END:
|
||||
#+title: The Basics of Web Application Security
|
||||
|
||||
Martin Fowler discusses what he considers to be the basics of web application
|
||||
security, including [[id:9914d09e-99fe-46a6-95be-676c5b78ed90][Input validation]] and [[id:2ba04972-f498-41c2-970e-a64c7f3f1c3b][Data sanitization]].
|
||||
Loading…
Reference in New Issue