Tags: CMSgov/bcda-static-site
Tags
Cclf files update frequency (#246) ## 🎫 Ticket https://jira.cms.gov/browse/BCDA-8965 ## 🛠 Changes <!-- What was added, updated, or removed in this PR? --> ## ℹ️ Context <!-- Why were these changes made? Add background context suitable for a non-technical audience. --> <!-- If any of the following security implications apply, this PR must not be merged without Stephen Walter's approval. Explain in this section and add @SJWalter11 as a reviewer. - Adds a new software dependency or dependencies. - Modifies or invalidates one or more of our security controls. - Stores or transmits data that was not stored or transmitted before. - Requires additional review of security implications for other reasons. --> ## 🧪 Validation <!-- How were the changes verified? Did you fully test the acceptance criteria in the ticket? Provide reproducible testing instructions and screenshots if applicable. -->
Fix typo in understanding data page (#239) ## 🎫 Ticket https://jira.cms.gov/browse/BCDA-8934?src=confmacro ## 🛠 Changes [Fix typo in understanding data page](https://jira.cms.gov/browse/BCDA-8934?src=confmacro) ## ℹ️ Context From Michael Valdes' friction log <!-- If any of the following security implications apply, this PR must not be merged without Stephen Walter's approval. Explain in this section and add @SJWalter11 as a reviewer. - Adds a new software dependency or dependencies. - Modifies or invalidates one or more of our security controls. - Stores or transmits data that was not stored or transmitted before. - Requires additional review of security implications for other reasons. --> ## 🧪 Validation <!-- How were the changes verified? Did you fully test the acceptance criteria in the ticket? Provide reproducible testing instructions and screenshots if applicable. -->
BCDA-8862: Test sonarqube exclusions (#235) ## 🎫 Ticket https://jira.cms.gov/browse/BCDA-8862 ## 🛠 Changes Fix sonarqube quality scan ## ℹ️ Context Deploy workflow failing on sonarqube quality scan <!-- If any of the following security implications apply, this PR must not be merged without Stephen Walter's approval. Explain in this section and add @SJWalter11 as a reviewer. - Adds a new software dependency or dependencies. - Modifies or invalidates one or more of our security controls. - Stores or transmits data that was not stored or transmitted before. - Requires additional review of security implications for other reasons. --> ## 🧪 Validation Testing workflow on push
BCDA-8434 Update credential management guidelines (#217) ## 🎫 Ticket https://jira.cms.gov/browse/bcda-8434 ## 🛠 Changes Added the updated credential management instructions to build.html and included a small announcement in updates.html ## ℹ️ Context This content was originally drafted to be a new subpage in a redesigned version of the site, but can be dropped into the current site. It will be helpful for new model entities joining in 2025 and getting started with BCDA. <!-- If any of the following security implications apply, this PR must not be merged without Stephen Walter's approval. Explain in this section and add @SJWalter11 as a reviewer. - Adds a new software dependency or dependencies. - Modifies or invalidates one or more of our security controls. - Stores or transmits data that was not stored or transmitted before. - Requires additional review of security implications for other reasons. --> ## 🧪 Validation <!-- How were the changes verified? Did you fully test the acceptance criteria in the ticket? Provide reproducible testing instructions and screenshots if applicable. --> 1. Published to staging site for review by @phamjennifer 2. Validated links from side navigation and from updates.html work as intended to /build.html#bcda-credentials <img width="1247" alt="image" src="https://github.com/user-attachments/assets/02b33fe9-c241-4eaa-a38c-8553a328c3d3"> <img width="1187" alt="image" src="https://github.com/user-attachments/assets/70f42ceb-92da-4fcc-b51c-711da4f45c28">
Austin/bcda 8262 tealium snippet (#218) ## 🎫 Ticket https://jira.cms.gov/browse/8262 ## 🛠 Changes Updated Tealium snippet change ## ℹ️ Context Needed to add an additional Tealium script ## 🧪 Validation Available within stage.bcda.gov and BlastX team validation.
Remove option 1 to request a token using curl (#216) Address feedback from Karley's review of staging r79 ## 🎫 Ticket https://cmsgov.slack.com/archives/CHG7Q7XNH/p1730998587225749 ## 🛠 Changes Remove option 1 to request a token using curl ## ℹ️ Context we don't provide a sample command on how to actually 8000 encode the credentials, and it's cleaner to just point everyone to the curl command with the --user flag <!-- If any of the following security implications apply, this PR must not be merged without Stephen Walter's approval. Explain in this section and add @SJWalter11 as a reviewer. - Adds a new software dependency or dependencies. - Modifies or invalidates one or more of our security controls. - Stores or transmits data that was not stored or transmitted before. - Requires additional review of security implications for other reasons. --> ## 🧪 Validation Validated in staging <img width="724" alt="image" src="https://github.com/user-attachments/assets/b977d6f3-f146-4ad3-af82-48ca0d23a96b">
Remove option 1 to request a token using curl (#216) Address feedback from Karley's review of staging r79 ## 🎫 Ticket https://cmsgov.slack.com/archives/CHG7Q7XNH/p1730998587225749 ## 🛠 Changes Remove option 1 to request a token using curl ## ℹ️ Context we don't provide a sample command on how to actually encode the credentials, and it's cleaner to just point everyone to the curl command with the --user flag <!-- If any of the following security implications apply, this PR must not be merged without Stephen Walter's approval. Explain in this section and add @SJWalter11 as a reviewer. - Adds a new software dependency or dependencies. - Modifies or invalidates one or more of our security controls. - Stores or transmits data that was not stored or transmitted before. - Requires additional review of security implications for other reasons. --> ## 🧪 Validation Validated in staging <img width="724" alt="image" src="https://github.com/user-attachments/assets/b977d6f3-f146-4ad3-af82-48ca0d23a96b">
BCDA-8393 Update a few small things, add links (#215) ## 🎫 Ticket https://jira.cms.gov/browse/BCDA-8393 ## 🛠 Changes A few small changes. Adding some links, removal of a word. ## ℹ️ Context <!-- Why were these changes made? Add background context suitable for a non-technical audience. --> <!-- If any of the following security implications apply, this PR must not be merged without Stephen Walter's approval. Explain in this section and add @SJWalter11 as a reviewer. - Adds a new software dependency or dependencies. - Modifies or invalidates one or more of our security controls. - Stores or transmits data that was not stored or transmitted before. - Requires additional review of security implications for other reasons. --> A few small changes from the most recent friction log. ## 🧪 Validation <!-- How were the changes verified? Did you fully test the acceptance criteria in the ticket? Provide reproducible testing instructions and screenshots if applicable. --> Verified changes locally.
PLT-639: Adding gitleaks MBI scanning & updating gitleaks pre-commit … …version (#211) ## 🎫 Ticket https://jira.cms.gov/browse/... ## 🛠 Changes <!-- What was added, updated, or removed in this PR? --> Gitleaks custom config extension was added (.gitleaks.toml) allowing for a regex-based MBI filter to be run against new commits, and the gitleaks pre-commit version was updated to 8.19.x which doesn't affect us at this time. ## ℹ️ Context <!-- Why were these changes made? Add background context suitable for a non-technical audience. --> Bulk API Platform Team has an ongoing goal of improving security and safeguarding PHI/PII for our members, to that end we are applying a belt-and-suspenders approach to preventing leakage of data (such as Medicare Beneficiary Identifiers) in github. <!-- If any of the following security implications apply, this PR must not be merged without Stephen Walter's approval. Explain in this section and add @SJWalter11 as a reviewer. - Adds a new software dependency or dependencies. - Modifies or invalidates one or more of our security controls. - Stores or transmits data that was not stored or transmitted before. - Requires additional review of security implications for other reasons. --> ## Validation <!-- How were the changes verified? Did you fully test the acceptance criteria in the ticket? Provide reproducible testing instructions and screenshots if applicable. --> These changes were tested locally and automatically as they make modifications to the pre-commit functionality, and were initially tested and validated against a pregenerated file with MBI data in PLT-532.
PreviousNext