Scope

This document was born out of the need by Ensono Digital Site Reliability Engineering to manage vulnerabilities across the Ensono Stacks repository set, therefore it is limited to the repositories and technologies listed below. The applicability of the approaches and techniques involved may trivially be applied to other repositories using the same technology, and by definition any repository based upon an Ensono Stacks repository.

Important

The stacks-ancillary-resources isn’t considered in scope, running builds likely breaks Azure DevOps permissions, thus it is a reference repository.

Repository	Technologies	Dependabot	SonarCloud
stacks-dotnet		✔	✔
stacks-java-module-parent		✔	✔
stacks-nx-plugins		✔	✔
stacks-data		✔
stacks-docker-images		✔
stacks-pipeline-templates		✔
stacks-cli		✔
stacks-infrastructure-aca		✔
stacks-java		✔	✔
stacks-infrastructure-eks		✔
stacks-terraform		✔
stacks-nx		✔
stacks-infrastructure-aks		✔
stacks-project-template	N/A	✔
stacks-ancillary-resources		✔
stacks-infrastructure-aci		✔
stacks-azure-data		✔
stacks-data-azure-public		✔
stacks-java-azure-cosmos		✔
stacks-java-aws-dynamodb		✔
stacks-java-azure-servicebus		✔
stacks-java-core-messaging		✔
stacks-java-core-cqrs		✔
stacks-java-core-commons		✔
stacks-java-core-api		✔
stacks-aws		✔
stacks-java-cqrs		✔	✔
stacks-java-cqrs-events		✔
stacks-performance-tests		✔
stacks-nextjs-federated-modules-example		✔
stacks-java-aws-sqs		✔
stacks-envfile		✔
stacks-dotnet-webapp-automation		✔
stacks-release-notes		✔