)]}'
{"doc/source/artifacts/pycadf/queen/architecture-page.rst":[{"author":{"_account_id":28011,"name":"Nicholas Tait","email":"ntait@redhat.com","username":"nickthetait"},"change_message_id":"13c89cf68819ea2935f369d65667ecccb63f4855","unresolved":false,"context_lines":[{"line_number":28,"context_line":"Primary users and use-cases"},{"line_number":29,"context_line":"---------------------------"},{"line_number":30,"context_line":""},{"line_number":31,"context_line":"1. Operators can enable to pyCADF to capture notification events in"},{"line_number":32,"context_line":"   the underlying messaging service."},{"line_number":33,"context_line":""},{"line_number":34,"context_line":"External dependencies \u0026 associated security assumptions"}],"source_content_type":"text/x-rst","patch_set":1,"id":"5f7c97a3_83399c42","line":31,"range":{"start_line":31,"start_character":24,"end_line":31,"end_character":26},"updated":"2018-05-03 16:07:16.000000000","message":"this word isn\u0027t needed","commit_id":"2a7d64ea446c63b03d9470e385278e901b614064"},{"author":{"_account_id":20466,"name":"Tin Lam","email":"tin@lam.wtf","username":"tinlam"},"change_message_id":"f977d4eadf6f8a58596ec9984bfc09ebd5110cb7","unresolved":false,"context_lines":[{"line_number":28,"context_line":"Primary users and use-cases"},{"line_number":29,"context_line":"---------------------------"},{"line_number":30,"context_line":""},{"line_number":31,"context_line":"1. Operators can enable to pyCADF to capture notification events in"},{"line_number":32,"context_line":"   the underlying messaging service."},{"line_number":33,"context_line":""},{"line_number":34,"context_line":"External dependencies \u0026 associated security assumptions"}],"source_content_type":"text/x-rst","patch_set":1,"id":"5f7c97a3_58f12b01","line":31,"range":{"start_line":31,"start_character":24,"end_line":31,"end_character":26},"in_reply_to":"5f7c97a3_83399c42","updated":"2018-05-17 16:09:17.000000000","message":"Done","commit_id":"2a7d64ea446c63b03d9470e385278e901b614064"},{"author":{"_account_id":28011,"name":"Nicholas Tait","email":"ntait@redhat.com","username":"nickthetait"},"change_message_id":"13c89cf68819ea2935f369d65667ecccb63f4855","unresolved":false,"context_lines":[{"line_number":36,"context_line":""},{"line_number":37,"context_line":"As the primary function of pyCADF to capture notification events (e.g."},{"line_number":38,"context_line":"keystone user log-in success or failure), it is dependent on a messaging"},{"line_number":39,"context_line":"system such as rabbitMQ to store the notification, and allow operators to"},{"line_number":40,"context_line":"consume and audit the messages."},{"line_number":41,"context_line":""},{"line_number":42,"context_line":"Components"}],"source_content_type":"text/x-rst","patch_set":1,"id":"5f7c97a3_4324e40d","line":39,"range":{"start_line":39,"start_character":37,"end_line":39,"end_character":49},"updated":"2018-05-03 16:07:16.000000000","message":"should this be plural?","commit_id":"2a7d64ea446c63b03d9470e385278e901b614064"},{"author":{"_account_id":20466,"name":"Tin Lam","email":"tin@lam.wtf","username":"tinlam"},"change_message_id":"f977d4eadf6f8a58596ec9984bfc09ebd5110cb7","unresolved":false,"context_lines":[{"line_number":36,"context_line":""},{"line_number":37,"context_line":"As the primary function of pyCADF to capture notification events (e.g."},{"line_number":38,"context_line":"keystone user log-in success or failure), it is dependent on a messaging"},{"line_number":39,"context_line":"system such as rabbitMQ to store the notification, and allow operators to"},{"line_number":40,"context_line":"consume and audit the messages."},{"line_number":41,"context_line":""},{"line_number":42,"context_line":"Components"}],"source_content_type":"text/x-rst","patch_set":1,"id":"5f7c97a3_18dbb37d","line":39,"range":{"start_line":39,"start_character":37,"end_line":39,"end_character":49},"in_reply_to":"5f7c97a3_4324e40d","updated":"2018-05-17 16:09:17.000000000","message":"Done","commit_id":"2a7d64ea446c63b03d9470e385278e901b614064"}],"doc/source/artifacts/pycadf/rocky/architecture-page.rst":[{"author":{"_account_id":21420,"name":"Gage Hugo","email":"gagehugo@gmail.com","username":"ghugo"},"change_message_id":"9ad9d8d1e5901b969c406391fa5599f9ba6a8380","unresolved":false,"context_lines":[{"line_number":6,"context_line":""},{"line_number":7,"context_line":"**Status**: Draft/Ready for review"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"**Release**: Queen"},{"line_number":10,"context_line":""},{"line_number":11,"context_line":"**Version**:"},{"line_number":12,"context_line":""}],"source_content_type":"text/x-rst","patch_set":4,"id":"5f7c97a3_22ec39f2","line":9,"range":{"start_line":9,"start_character":13,"end_line":9,"end_character":18},"updated":"2018-05-17 18:38:42.000000000","message":"Rocky*","commit_id":"347b7335c35c5dbfc0f7e93b558f0779bda8386a"},{"author":{"_account_id":21420,"name":"Gage Hugo","email":"gagehugo@gmail.com","username":"ghugo"},"change_message_id":"9ad9d8d1e5901b969c406391fa5599f9ba6a8380","unresolved":false,"context_lines":[{"line_number":8,"context_line":""},{"line_number":9,"context_line":"**Release**: Queen"},{"line_number":10,"context_line":""},{"line_number":11,"context_line":"**Version**:"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"**Contacts**:"},{"line_number":14,"context_line":""}],"source_content_type":"text/x-rst","patch_set":4,"id":"5f7c97a3_02c81d72","line":11,"updated":"2018-05-17 18:38:42.000000000","message":"We can put 2.7.0 here:\n\nhttps://github.com/openstack/pycadf","commit_id":"347b7335c35c5dbfc0f7e93b558f0779bda8386a"}],"doc/source/artifacts/pycadf/rocky/review-findings.rst":[{"author":{"_account_id":21420,"name":"Gage Hugo","email":"gagehugo@gmail.com","username":"ghugo"},"change_message_id":"9ad9d8d1e5901b969c406391fa5599f9ba6a8380","unresolved":false,"context_lines":[{"line_number":5,"context_line":""},{"line_number":6,"context_line":"**Status**: Draft/Ready for review"},{"line_number":7,"context_line":""},{"line_number":8,"context_line":"**Release**: Queen"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"**Version**:"},{"line_number":11,"context_line":""}],"source_content_type":"text/x-rst","patch_set":4,"id":"5f7c97a3_e2bf21ce","line":8,"range":{"start_line":8,"start_character":13,"end_line":8,"end_character":18},"updated":"2018-05-17 18:38:42.000000000","message":"Rocky*","commit_id":"347b7335c35c5dbfc0f7e93b558f0779bda8386a"},{"author":{"_account_id":21420,"name":"Gage Hugo","email":"gagehugo@gmail.com","username":"ghugo"},"change_message_id":"9ad9d8d1e5901b969c406391fa5599f9ba6a8380","unresolved":false,"context_lines":[{"line_number":7,"context_line":""},{"line_number":8,"context_line":"**Release**: Queen"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"**Version**:"},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"**Review Date**: mm/dd/yyyy"},{"line_number":13,"context_line":""}],"source_content_type":"text/x-rst","patch_set":4,"id":"5f7c97a3_a2b929ea","line":10,"updated":"2018-05-17 18:38:42.000000000","message":"This can be 2.7.0 according to:\n\nhttps://github.com/openstack/pycadf","commit_id":"347b7335c35c5dbfc0f7e93b558f0779bda8386a"},{"author":{"_account_id":21420,"name":"Gage Hugo","email":"gagehugo@gmail.com","username":"ghugo"},"change_message_id":"5568155a2f858605fe5b449d89c652dffec66c21","unresolved":false,"context_lines":[{"line_number":21,"context_line":"- OpenStack Security Project Reviewer: name (irc)"},{"line_number":22,"context_line":""},{"line_number":23,"context_line":""},{"line_number":24,"context_line":"1. Insecure configuration for rabbitMQ"},{"line_number":25,"context_line":"~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"},{"line_number":26,"context_line":""},{"line_number":27,"context_line":"- Risk: User with unauthorized access to the underlying rabbitMQ service may"},{"line_number":28,"context_line":"  delete or gain information from reading notifications on the queue."},{"line_number":29,"context_line":"- Impact: Insecure messaging queue can allow attackers to compromise integrity"},{"line_number":30,"context_line":"  of the audit system."},{"line_number":31,"context_line":"- Likelihood: Medium"},{"line_number":32,"context_line":"- Impact: Low"},{"line_number":33,"context_line":"- Overall Risk Rating: Low"},{"line_number":34,"context_line":"- Bug: \u003clink to launchpad bug for this finding\u003e"},{"line_number":35,"context_line":"- Recommendation: The underlying RabbitMQ service should be protected from"},{"line_number":36,"context_line":"  unauthorized access."},{"line_number":37,"context_line":""},{"line_number":38,"context_line":"2. Insecure transport to messaging service"},{"line_number":39,"context_line":"~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"}],"source_content_type":"text/x-rst","patch_set":4,"id":"5f7c97a3_2269998a","line":36,"range":{"start_line":24,"start_character":0,"end_line":36,"end_character":22},"updated":"2018-05-17 18:31:42.000000000","message":"I\u0027m curious if this is within the scope of pycadf, this seems like it\u0027s more reliant on both rabbitmq itself and the operator to ensure their configuration is secure (ie changing the default user/pass from guest/guest)","commit_id":"347b7335c35c5dbfc0f7e93b558f0779bda8386a"},{"author":{"_account_id":28011,"name":"Nicholas Tait","email":"ntait@redhat.com","username":"nickthetait"},"change_message_id":"e863a09635733fecbeb7d400e8cf512001783e8e","unresolved":false,"context_lines":[{"line_number":9,"context_line":""},{"line_number":10,"context_line":"**Version**: 2.7.0"},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"**Review Date**: mm/dd/yyyy"},{"line_number":13,"context_line":""},{"line_number":14,"context_line":"**Review Body**: \u003cOpenStack Security Project/Name of Third Party Organization\u003e"},{"line_number":15,"context_line":""}],"source_content_type":"text/x-rst","patch_set":5,"id":"5f7c97a3_d19accc2","line":12,"range":{"start_line":12,"start_character":17,"end_line":12,"end_character":27},"updated":"2018-06-29 19:31:02.000000000","message":"(unfamiliar with the process) This is correct to not have a date here yet?","commit_id":"410afc67be1d67abe0342a817fef019db7db461f"},{"author":{"_account_id":20466,"name":"Tin Lam","email":"tin@lam.wtf","username":"tinlam"},"change_message_id":"5c89c2e4c45fcf9328cbac76f75da29e5e3c50e0","unresolved":false,"context_lines":[{"line_number":9,"context_line":""},{"line_number":10,"context_line":"**Version**: 2.7.0"},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"**Review Date**: mm/dd/yyyy"},{"line_number":13,"context_line":""},{"line_number":14,"context_line":"**Review Body**: \u003cOpenStack Security Project/Name of Third Party Organization\u003e"},{"line_number":15,"context_line":""}],"source_content_type":"text/x-rst","patch_set":5,"id":"5f7c97a3_37c8d054","line":12,"range":{"start_line":12,"start_character":17,"end_line":12,"end_character":27},"in_reply_to":"5f7c97a3_37cc5089","updated":"2018-06-29 21:39:26.000000000","message":"will leave it here then and have that updated in the future.","commit_id":"410afc67be1d67abe0342a817fef019db7db461f"},{"author":{"_account_id":21420,"name":"Gage Hugo","email":"gagehugo@gmail.com","username":"ghugo"},"change_message_id":"b5cb9d2e26989fb120c12ce37dcbbad7f23a98d3","unresolved":false,"context_lines":[{"line_number":9,"context_line":""},{"line_number":10,"context_line":"**Version**: 2.7.0"},{"line_number":11,"context_line":""},{"line_number":12,"context_line":"**Review Date**: mm/dd/yyyy"},{"line_number":13,"context_line":""},{"line_number":14,"context_line":"**Review Body**: \u003cOpenStack Security Project/Name of Third Party Organization\u003e"},{"line_number":15,"context_line":""}],"source_content_type":"text/x-rst","patch_set":5,"id":"5f7c97a3_37cc5089","line":12,"range":{"start_line":12,"start_character":17,"end_line":12,"end_character":27},"in_reply_to":"5f7c97a3_d19accc2","updated":"2018-06-29 21:29:55.000000000","message":"With keystonemiddleware, we simply put the date that the general review was done, so for now this can be kept as the template imo.","commit_id":"410afc67be1d67abe0342a817fef019db7db461f"},{"author":{"_account_id":28011,"name":"Nicholas Tait","email":"ntait@redhat.com","username":"nickthetait"},"change_message_id":"e863a09635733fecbeb7d400e8cf512001783e8e","unresolved":false,"context_lines":[{"line_number":18,"context_line":"- PTL: Lance Bragstad (lbragstad)"},{"line_number":19,"context_line":"- Architect: Gage Hugo (gagehugo)"},{"line_number":20,"context_line":"- Security Reviewer: name (irc)"},{"line_number":21,"context_line":"- OpenStack Security Project Reviewer: name (irc)"},{"line_number":22,"context_line":""},{"line_number":23,"context_line":""},{"line_number":24,"context_line":"1. Insecure configuration for rabbitMQ"}],"source_content_type":"text/x-rst","patch_set":5,"id":"5f7c97a3_f1b4a838","line":21,"range":{"start_line":21,"start_character":2,"end_line":21,"end_character":49},"updated":"2018-06-29 19:31:02.000000000","message":"Should this line be tossed out?","commit_id":"410afc67be1d67abe0342a817fef019db7db461f"},{"author":{"_account_id":20466,"name":"Tin Lam","email":"tin@lam.wtf","username":"tinlam"},"change_message_id":"5c89c2e4c45fcf9328cbac76f75da29e5e3c50e0","unresolved":false,"context_lines":[{"line_number":18,"context_line":"- PTL: Lance Bragstad (lbragstad)"},{"line_number":19,"context_line":"- Architect: Gage Hugo (gagehugo)"},{"line_number":20,"context_line":"- Security Reviewer: name (irc)"},{"line_number":21,"context_line":"- OpenStack Security Project Reviewer: name (irc)"},{"line_number":22,"context_line":""},{"line_number":23,"context_line":""},{"line_number":24,"context_line":"1. Insecure configuration for rabbitMQ"}],"source_content_type":"text/x-rst","patch_set":5,"id":"5f7c97a3_97b1a4e3","line":21,"range":{"start_line":21,"start_character":2,"end_line":21,"end_character":49},"in_reply_to":"5f7c97a3_17c1144f","updated":"2018-06-29 21:39:26.000000000","message":"will remove","commit_id":"410afc67be1d67abe0342a817fef019db7db461f"},{"author":{"_account_id":21420,"name":"Gage Hugo","email":"gagehugo@gmail.com","username":"ghugo"},"change_message_id":"b5cb9d2e26989fb120c12ce37dcbbad7f23a98d3","unresolved":false,"context_lines":[{"line_number":18,"context_line":"- PTL: Lance Bragstad (lbragstad)"},{"line_number":19,"context_line":"- Architect: Gage Hugo (gagehugo)"},{"line_number":20,"context_line":"- Security Reviewer: name (irc)"},{"line_number":21,"context_line":"- OpenStack Security Project Reviewer: name (irc)"},{"line_number":22,"context_line":""},{"line_number":23,"context_line":""},{"line_number":24,"context_line":"1. Insecure configuration for rabbitMQ"}],"source_content_type":"text/x-rst","patch_set":5,"id":"5f7c97a3_17c1144f","line":21,"range":{"start_line":21,"start_character":2,"end_line":21,"end_character":49},"in_reply_to":"5f7c97a3_f1b4a838","updated":"2018-06-29 21:29:55.000000000","message":"possibly","commit_id":"410afc67be1d67abe0342a817fef019db7db461f"}]}