NIH | National Cancer Institute | NCI Wiki  

Error rendering macro 'rw-search'

null

Versions Compared

Old Version 10

changes.mady.by.user Benson, Mark (NIH/NCI) [C]

Saved on

compared with

New Version 11

changes.mady.by.user Benson, Mark (NIH/NCI) [C]

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Ticket Description Actions, Update

Security team has flagged EVS stage host( nciws-p803) for JQuery vulnerability with full details as per below.

Eric asked us to remove it from lower tiers but we found no evidence of it there. It should be removed from Stage

Jason sent email message to remove the jar from Stage.

Appears that Systems was asking security team about location of file; sec team 

Lucas, Jason (NIH/NCI) [C]  will send an email.

NEXT ACTION: - wait till next week for update  

NCI-RITM0473138

Discuss DOS strategy, tactics with Systems

Waiting on appt time for mtg/call

Do we want a banner on the pages?

Is it possible to have a trigger to send alert?

ACTION: come up with a design for message for users on how to use/access data.

ACTION: possibly investigate what could be happening internally to the issue. (one message was from netsparker scan)

ACTION: brainstorm and discuss, discuss ideas and thoughts by next week exclamation mark 

ACTION: follow-up with Systems if no meeting is scheduled by Oct 9.

NCI-INC0779210NCIterms outageWait to watch status; 
 Outage continues for Term Form

there was an attack last night 4:48 - 5:16

Is the outage that happened this morning just from a Netsparker scan?

ACTION: wait and watch?


SYSTEMS
EVS transition to virtual machines

STATUSWaiting on PROD VM to be ready. Once PROD VM is ready, will switch PROD and STAGE at same time

Systems


OBJECTIVE: be able to update public-facing pages with banners quickly and efficiently, with Consistent styling desired for all sites.


ACTION:

  •  Build responsibility list for public facing pages (Jason Lucas compiled the list) thumbs up 

Application

URL

Developer/POC

Term Browser

https://nciterms.nci.nih.gov/

Guidehouse/Kim Ong

Metathesaurus Browser

https://ncim.nci.nih.gov/

Guidehouse/Kim Ong

Term Suggestion Application

https://ncitermform.nci.nih.gov/

Guidehouse/Kim Ong

EVS Explore

https://evsexplore.semantics.cancer.gov

WCI/Brian Carlsen

EVSRESTAPI (Swagger Page)

https://api-evsrest.nci.nih.gov/swagger-ui/index.html

WCI/Brian Carlsen

EVS website

https://evs.nci.nih.gov/

Clint Malone?

Report Exporter

https://evs.cancer.gov/report-exporter

Mayo/Andrew Moore

LexEVS CTS2 docs                          

https://lexevscts2docs.nci.nih.gov

Mayo/Tracy Safran

LexEVS CTS2 Landing Page

https://lexevscts2.nci.nih.gov/lexevscts2/

Mayo/Tracy Safran

EVS Semantic Integration Platform

https://sip.evs.cancer.gov/evssip/

ESI/Ye Wu

NEXT     


ACTION:

  •  
Type your task here, using "@" to assign to a user and "//" to select a due date

LEXEVS UPDATES

Planning

  • Complete Report Exporter refactoring and dependency updates

    • (see EVSREPEXP-475 -> 483)

  • RMI Retirement - in progress

    • Update test script
  • Examine feasibility of Java 17
  • Miscellaneous bug fixes
    • Investigate ERROR messages (both reported by Jason Lucas, and catalina.out  

LexEVS Sprint Status


Completed Sprint - Sprint 212 (Sept 4 - Sept 29)  – Burndown Report

Current Sprint  - Sprint 213 (Oct 2 - Oct 27) LINK TO Jira Sprint 213

  • EVSREPEXP-491 resolve branch-download list not being displayed on chrome browser (now FIXED)
  • EVSREPEXP-433 Security issue: set-value vulnerability
  • LEXEVSCTS2-452 test_associations_subject_of call revealed hierarchy bug
  • EVSREPEXP-478 Feedback form is not coming up
  • LEXEVS-5341 Update Spring to Spring 6
  • LEXEVSCTS2-453 Update CTS2 welcome with digital sytle requirements (header, footer, etc)
  • LEXEVS-5252 Read an Entity by URI throwing a 302 error
  • LEXEVSCTS2-431 Service resource does not populate Service name/version
  • LEXEVS-5361 Investigate Java 17

Technical Debt remediation

LexEVS Code Debt Refactoring

  • Coding complete on lexevs services - except for isolated dependencies
    • The isolated dependencies largely depend on using an updated version of Java (e.g. they are using more current Java versions. Java 21 LTS is the current version.  FYI: the LTS stands for "long-term support". LTS versions are Java 11, Java 17, and Java 21. The more popular non-LTS Java version is Java 14)
    • Scott is investigating costs and feasibility of Java 17 (see LEXEVS-5361 above)
    • LEXEVSCTS2-447 javax-servlet - on hold, until we update Java 17
    • LEXEVSCTS2-446 spring-boot - on hold, until we update Java 17
  • Work on NCIt Browser - ehcache beta on dev. Kim approves promotion (Scott)
Report Exporter

    • Discussion Points:

      • Vulnerable dependencies - in progress
        • Red Herring: while Andrew was debugging, was getting "no results" for Concept codes – turns out it was service problems. 
        • Improving unit testing remaining
      • Ticket 487 - on Prod
      • Feedback form
        • Need to research approval procedure, Mark was asked to reach out to OCPL
        • Andrew to supply copy of survey form from RE


Security

Statistics Dashboard

OBJECTIVE: Complete Migration of Statistics Dashboard from SumoLogi to DataDog by March 2024

STATUS:

The queries used in the Statistics Dashboard have been shared with < someone on migration team > (as of Sept 2023).

They are working on migrating from "SumoLogic" format to DataDog format 

  • SumoLogic Query: 
  • Data Dog Query


ACTIONS:

  •  ask how migration is going (show # of queries, # migrated, etc) 

View file
namedbm_sd_actions.7ee020748834b8a28b07d02f5e65e6e0.avif.pdf
height150

Comparison/Mapping Tool
  • On Hold
AWS Cloud to be in Separate Account

Discussion Points

  • Waiting on AWS team

Decision Points:

Team Absences


Mayo Team - Tracy off Oct 12, 13.  In training Wed, Fri.  Andrew off Oct 27

MSC - 

Leidos - 

QA -

Gov - 


EVS SERVICE AND ARCHITECTURE GROUP UPDATES
EVS Service and Architecture Group

Discussion Points:



DATA UPDATES
Data

Discussion Points: 

Decision Points:

DECIDED: Data Deployment should continue as planned - no reason to delay.


BROWSER UPDATES

Browser

QA UPDATES

QA

Discussion Points: 

Decision Points: 



TERMINOLOGIES LIFECYCLE REPORT

Terminology Updates and Schedule 

Discussion Points: 

Decision Points: 

Mark Benson TPM Update
  • Complete Anti-Harrassment training
  • Research Scraper attack on NCI Terms Browser

...