fecgov / openFEC

The first RESTful API for the Federal Election Commission. We're aiming to make campaign finance more accessible for journalists, academics, developers, and other transparency seekers.
https://api.open.fec.gov/developers

Check logs Sprint 24.i Week 1 #5795

Closed tmpayton closed 5 months ago

tmpayton commented 5 months ago

Log review needs to be completed per the Security Event Review Checklist (https://github.com/fecgov/FEC/wiki/Security-Event-Review-Checklist)

Ref: https://github.com/fecgov/openFEC/issues/5783

cnlucas commented 5 months ago

FEC-CMS: 4
- package.json: 2
  - [Snyk Medium - es5-ext Regular Expression Denial of Service (ReDoS)](https://github.com/fecgov/fec-cms/issues/6132)
  - [Dompurify](https://github.com/fecgov/fec-cms/issues/6206)
- requirements.txt: 2
  - [Sqlparse](https://github.com/fecgov/fec-cms/issues/6207)
  - Gunicorn

OPENFEC: 3
- package.json: 0
- requirements.txt: 3
  - [Snyk Medium - Werkzeug](https://github.com/fecgov/openFEC/issues/5742)
  - Gunicorn
  - Flask-cors
- requirements-dev.txt: 2
  - [Snyk Medium - Werkzeug](https://github.com/fecgov/openFEC/issues/5742) #ticket was recreated
  - [Snyk Low] - Flask-cors

FLYWAY: 1
- Flyway com.nimbusds:nimbus-jose-jwt

FEC-EREGS: 2
- package.json: 0
- requirements.txt: 2
  - Gunicorn
  - [Sqlparse](https://github.com/fecgov/fec-eregs/issues/851)

FEC-PATTERN-LIBRARY: None
- package.json: 0

Search logs: 0 change

Cloud.gov Dashboard: 9 deployer accounts

Off-boarding: None

App Health check: CPU entitlement is not good (https://fecgov.slack.com/archives/C3W9XBBJL/p1710945945373159). Memory looks OK and CPU usage was high for the API on 4/11.