Add development bundles to ignored bundles for Healthcheck
Closed this issue · 4 comments
At least the following bundles should be there, according to the Adobe Security Checklist:
value => [
'org.apache.sling.jcr.webdav',
'org.apache.sling.jcr.davex',
'com.adobe.granite.crx-explorer',
'com.adobe.granite.crxde-lite',
],
The Twitter one shouldn't be needed by the way, you can use the ACS Commons package with the min
-classifier. :)
@henrykuijpers Thanks ! Do you have a link to the Adobe Security checklist where they are recommending it ?
Thanks !
I think it's https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/security-checklist.html?lang=en#security .
Check if the CRX development bundles are present
These development OSGi bundles should be uninstalled on both author and publish productive systems before making them accessible.
Adobe CRXDE Support (com.adobe.granite.crxde-support)
Adobe Granite CRX Explorer (com.adobe.granite.crx-explorer)
Adobe Granite CRXDE Lite (com.adobe.granite.crxde-lite)
So if the above bundles are not installed as per security guideline, then the fact that those bundles don't exist shouldn't impact the health check.
@henrykuijpers @Carnifrex thanks very much for the PR. our apologies that it takes a year.
this will be included in 3.2.0 .
@henrykuijpers @Carnifrex thanks very much for the PR. our apologies that it takes a year.
this will be included in 3.2.0 .