Giter Site home page Giter Site logo

healthcatalyst / documentation Goto Github PK

View Code? Open in Web Editor NEW
14.0 27.0 17.0 55.2 MB

Content for healthcare.ai, old posts, some hosted notebooks

Home Page: http://healthcare.ai

HTML 73.14% CSS 10.92% JavaScript 6.23% Shell 0.02% Ruby 0.06% Jupyter Notebook 9.61% PowerShell 0.01%

documentation's Introduction

documentation's People

Contributors

aylr avatar catalystadmin avatar corytak avatar levithatcher avatar mmastand avatar nielsenmarkus11 avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

nielsenmarkus11 aylr daverunfast pabulson adalal78 lulzzz ckanu13k jilldwright56 ruwan80 jshuadvd minghao2016 qualitymeasurement sakampavankumar adoe-data dansim1 lenamax2355 linkonabe

documentation's Issues

ICML abstract

o ML is good, beginning to surface in healthcare research
o Big barrier to implementation is model creation in a production environment
o Healthcare ai written to address this, provide consistent model performance

WS-2019-0017 Medium Severity Vulnerability detected by WhiteSource

WS-2019-0017 - Medium Severity Vulnerability

Vulnerable Library - clean-css-3.4.28.tgz

A well-tested CSS minifier

Library home page: https://registry.npmjs.org/clean-css/-/clean-css-3.4.28.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/clean-css/package.json

Dependency Hierarchy:

  • grunt-contrib-cssmin-1.0.2.tgz (Root Library)
    • clean-css-3.4.28.tgz (Vulnerable Library)

Vulnerability Details

Version of clean-css prior to 4.1.11 are vulnerable to Regular Expression Denial of Service (ReDoS). Untrusted input may cause catastrophic backtracking while matching regular expressions. This can cause the application to be unresponsive leading to Denial of Service.

Publish Date: 2019-02-21

URL: WS-2019-0017

CVSS 2 Score Details (5.0)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://www.npmjs.com/advisories/785

Release Date: 2019-02-21

Fix Resolution: v4.1.11

Step up your Open Source Security Game with WhiteSource here

WS-2015-0018 Medium Severity Vulnerability detected by WhiteSource

WS-2015-0018 - Medium Severity Vulnerability

Vulnerable Library - semver-1.0.14.tgz

The semantic version parser used by npm.

Library home page: http://registry.npmjs.org/semver/-/semver-1.0.14.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/grunt-lib-phantomjs/node_modules/semver/package.json

Dependency Hierarchy:

  • grunt-contrib-qunit-0.7.0.tgz (Root Library)
    • grunt-lib-phantomjs-0.6.0.tgz
      • semver-1.0.14.tgz (Vulnerable Library)

Vulnerability Details

Semver is vulnerable to regular expression denial of service (ReDoS) when extremely long version strings are parsed.

Publish Date: 2015-04-04

URL: WS-2015-0018

CVSS 2 Score Details (5.3)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://nodesecurity.io/advisories/31

Release Date: 2015-04-04

Fix Resolution: Update to a version 4.3.2 or greater

Step up your Open Source Security Game with WhiteSource here

Add Assumptions Document to Healthcareai Documentation

It would be useful to lay out all of the assumptions we're making in one place.

Some examples of assumptions to include might be

  • Response variables for classification problems are coded as 'Y'/'N' (this is already included in the documentation under develop and compare, but it would be nice to put all such requirements together in one place)
  • The factor levels present in the training data are the only factor levels that will be used. If new levels are found in the test data, they will be set to NA/nan and imputed. If you would like to include these new levels, you will need to retrain your model on data that contains the new levels.

ICML conclusion

o ML needs to make an impact in production healthcare
o Tools are one off, hcai changes that
o Models deployed all over continent using these tools, improving outcomes

CVE-2017-16026 Medium Severity Vulnerability detected by WhiteSource

CVE-2017-16026 - Medium Severity Vulnerability

Vulnerable Library - request-2.67.0.tgz

Simplified HTTP request client.

Library home page: http://registry.npmjs.org/request/-/request-2.67.0.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/phantomjs/node_modules/request/package.json

Dependency Hierarchy:

  • grunt-contrib-qunit-0.7.0.tgz (Root Library)
    • grunt-lib-phantomjs-0.6.0.tgz
      • phantomjs-1.9.20.tgz
        • request-2.67.0.tgz (Vulnerable Library)

Vulnerability Details

Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the body. This affects Request >=2.2.6 <2.47.0 || >2.51.0 <=2.67.0.

Publish Date: 2018-06-04

URL: CVE-2017-16026

CVSS 3 Score Details (5.9)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-16026

Release Date: 2018-06-04

Fix Resolution: 2.47.1,2.67.1

Step up your Open Source Security Game with WhiteSource here

ICML discussion

o New tools introduced democratize machine learning
o Bridge the gap to production environments
o Pragmatic tools and outcomes based SWE decisions
o Rolled out to improve outcomes or save money in over 10 different hospitals

ICML results

Success stories we want to highlight:

  • CLABSI risk with IUH
  • Readmissions models: COPD with Alberta and Mission
  • Noshows with Dartmouth
  • Propensity to pay with Alina

Paragraphs:

  • Intro to discuss that the package is being used in different environments, across platforms, applications, etc. Conveying how widely applicable it is. introduce case studies.
  • one on each case:
    • business question
    • characteristics of the data set
    • feature selection process
    • model choice
    • performance (AUC, FPR, TPR)
    • workflow integration
    • patients affected
    • time required to create
    • past data size and age
    • training time

questions:

  • how many people per day are getting scored?
  • how far back does the data go?
  • how many hospitals does it come from and go to?
  • output from Cory

figures:

  • ROC/PR (Mike)
  • Table with other models (Levi)

CVE-2018-3721 Medium Severity Vulnerability detected by WhiteSource

CVE-2018-3721 - Medium Severity Vulnerability

Vulnerable Libraries - lodash-3.10.1.tgz, lodash-2.4.2.tgz, lodash-4.6.1.tgz

lodash-3.10.1.tgz

The modern build of lodash modular utilities.

Library home page: http://registry.npmjs.org/lodash/-/lodash-3.10.1.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/jsdoctypeparser/node_modules/lodash/package.json

Dependency Hierarchy:

  • grunt-contrib-csslint-1.0.0.tgz (Root Library)
    • lodash-3.10.1.tgz (Vulnerable Library)
lodash-2.4.2.tgz

A utility library delivering consistency, customization, performance, & extras.

Library home page: http://registry.npmjs.org/lodash/-/lodash-2.4.2.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/fg-lodash/node_modules/lodash/package.json

Dependency Hierarchy:

  • grunt-saucelabs-9.0.1.tgz (Root Library)
    • requestretry-1.9.1.tgz
      • fg-lodash-0.0.2.tgz
        • lodash-2.4.2.tgz (Vulnerable Library)
lodash-4.6.1.tgz

Lodash modular utilities.

Library home page: http://registry.npmjs.org/lodash/-/lodash-4.6.1.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/grunt-jscs/node_modules/lodash/package.json

Dependency Hierarchy:

  • grunt-jscs-3.0.1.tgz (Root Library)
    • lodash-4.6.1.tgz (Vulnerable Library)

Vulnerability Details

lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects.

Publish Date: 2018-06-07

URL: CVE-2018-3721

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: High
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-3721

Release Date: 2018-06-07

Fix Resolution: 4.17.5

Step up your Open Source Security Game with WhiteSource here

ICML intro and literature survey

o ML is huge in tech, going to make a splash in healthcare. Need for hc tool.
o Software tool intro
o Software tool basic feature overview and review of other tools that compete

WS-2018-0075 Medium Severity Vulnerability detected by WhiteSource

WS-2018-0075 - Medium Severity Vulnerability

Vulnerable Library - concat-stream-1.5.0.tgz

writable stream that concatenates strings or binary data and calls a callback with the result

Library home page: http://registry.npmjs.org/concat-stream/-/concat-stream-1.5.0.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/extract-zip/node_modules/concat-stream/package.json

Dependency Hierarchy:

  • grunt-contrib-qunit-0.7.0.tgz (Root Library)
    • grunt-lib-phantomjs-0.6.0.tgz
      • phantomjs-1.9.20.tgz
        • extract-zip-1.5.0.tgz
          • concat-stream-1.5.0.tgz (Vulnerable Library)

Vulnerability Details

Versions of concat-stream before 1.5.2 are vulnerable to memory exposure if userp provided input is passed into write()

Versions <1.3.0 are not affected due to not using unguarded Buffer constructor.

Publish Date: 2018-04-25

URL: WS-2018-0075

CVSS 2 Score Details (5.0)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://nodesecurity.io/advisories/597

Release Date: 2018-01-27

Fix Resolution: 1.5.2

Step up your Open Source Security Game with WhiteSource here

ICML formatting

Zotero. Style guides can be found on the ICML submissions page.

ICML methods

o Automation in imputation, dropping, and feature selection
o Models included: RF, LMM, Lasso. Background and workings of each
o Interpretability: feature importance, row wise guidance
o Ease of deployment in a production environment

CVE-2016-10540 High Severity Vulnerability detected by WhiteSource

CVE-2016-10540 - High Severity Vulnerability

Vulnerable Libraries - minimatch-0.2.12.tgz, minimatch-0.2.14.tgz

minimatch-0.2.12.tgz

a glob matcher in javascript

Library home page: http://registry.npmjs.org/minimatch/-/minimatch-0.2.12.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/csscomb-core/node_modules/minimatch/package.json

Dependency Hierarchy:

  • grunt-csscomb-3.1.1.tgz (Root Library)
    • csscomb-3.1.8.tgz
      • csscomb-core-3.0.0-3.1.tgz
        • minimatch-0.2.12.tgz (Vulnerable Library)
minimatch-0.2.14.tgz

a glob matcher in javascript

Library home page: http://registry.npmjs.org/minimatch/-/minimatch-0.2.14.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/vow-fs/node_modules/minimatch/package.json

Dependency Hierarchy:

  • grunt-csscomb-3.1.1.tgz (Root Library)
    • csscomb-3.1.8.tgz
      • csscomb-core-3.0.0-3.1.tgz
        • vow-fs-0.3.2.tgz
          • glob-3.2.8.tgz
            • minimatch-0.2.14.tgz (Vulnerable Library)

Vulnerability Details

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatch(path, pattern) in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter.

Publish Date: 2018-05-31

URL: CVE-2016-10540

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nodesecurity.io/advisories/118

Release Date: 2016-06-20

Fix Resolution: Update to version 3.0.2 or later.

Step up your Open Source Security Game with WhiteSource here

WS-2018-0210 Low Severity Vulnerability detected by WhiteSource

WS-2018-0210 - Low Severity Vulnerability

Vulnerable Libraries - lodash-3.10.1.tgz, lodash-2.4.2.tgz, lodash-4.6.1.tgz

lodash-3.10.1.tgz

The modern build of lodash modular utilities.

Library home page: http://registry.npmjs.org/lodash/-/lodash-3.10.1.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/jsdoctypeparser/node_modules/lodash/package.json

Dependency Hierarchy:

  • grunt-contrib-csslint-1.0.0.tgz (Root Library)
    • lodash-3.10.1.tgz (Vulnerable Library)
lodash-2.4.2.tgz

A utility library delivering consistency, customization, performance, & extras.

Library home page: http://registry.npmjs.org/lodash/-/lodash-2.4.2.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/fg-lodash/node_modules/lodash/package.json

Dependency Hierarchy:

  • grunt-saucelabs-9.0.1.tgz (Root Library)
    • requestretry-1.9.1.tgz
      • fg-lodash-0.0.2.tgz
        • lodash-2.4.2.tgz (Vulnerable Library)
lodash-4.6.1.tgz

Lodash modular utilities.

Library home page: http://registry.npmjs.org/lodash/-/lodash-4.6.1.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/grunt-jscs/node_modules/lodash/package.json

Dependency Hierarchy:

  • grunt-jscs-3.0.1.tgz (Root Library)
    • lodash-4.6.1.tgz (Vulnerable Library)

Vulnerability Details

In the node_module "lodash" before version 4.17.11 the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects.

Publish Date: 2018-11-25

URL: WS-2018-0210

CVSS 2 Score Details (3.5)

Base Score Metrics not available

Suggested Fix

Type: Change files

Origin: lodash/lodash@90e6199

Release Date: 2018-08-31

Fix Resolution: Replace or update the following files: lodash.js, test.js

Step up your Open Source Security Game with WhiteSource here

CVE-2018-1000620 High Severity Vulnerability detected by WhiteSource

CVE-2018-1000620 - High Severity Vulnerability

Vulnerable Library - cryptiles-2.0.5.tgz

General purpose crypto utilities

Library home page: http://registry.npmjs.org/cryptiles/-/cryptiles-2.0.5.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/cryptiles/package.json

Dependency Hierarchy:

  • grunt-contrib-qunit-0.7.0.tgz (Root Library)
    • grunt-lib-phantomjs-0.6.0.tgz
      • phantomjs-1.9.20.tgz
        • request-2.67.0.tgz
          • hawk-3.1.3.tgz
            • cryptiles-2.0.5.tgz (Vulnerable Library)

Vulnerability Details

Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331: Insufficient Entropy vulnerability in randomDigits() method that can result in An attacker is more likely to be able to brute force something that was supposed to be random.. This attack appear to be exploitable via Depends upon the calling application.. This vulnerability appears to have been fixed in 4.1.2.

Publish Date: 2018-07-09

URL: CVE-2018-1000620

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-1000620

Release Date: 2019-04-08

Fix Resolution: 4.1.2

Step up your Open Source Security Game with WhiteSource here

CVE-2018-16487 High Severity Vulnerability detected by WhiteSource

CVE-2018-16487 - High Severity Vulnerability

Vulnerable Libraries - lodash-3.10.1.tgz, lodash-2.4.2.tgz

lodash-3.10.1.tgz

The modern build of lodash modular utilities.

Library home page: http://registry.npmjs.org/lodash/-/lodash-3.10.1.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/jsdoctypeparser/node_modules/lodash/package.json

Dependency Hierarchy:

  • grunt-contrib-csslint-1.0.0.tgz (Root Library)
    • lodash-3.10.1.tgz (Vulnerable Library)
lodash-2.4.2.tgz

A utility library delivering consistency, customization, performance, & extras.

Library home page: http://registry.npmjs.org/lodash/-/lodash-2.4.2.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/fg-lodash/node_modules/lodash/package.json

Dependency Hierarchy:

  • grunt-saucelabs-9.0.1.tgz (Root Library)
    • requestretry-1.9.1.tgz
      • fg-lodash-0.0.2.tgz
        • lodash-2.4.2.tgz (Vulnerable Library)

Vulnerability Details

A prototype pollution vulnerability was found in lodash <4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.

Publish Date: 2019-02-01

URL: CVE-2018-16487

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16487

Release Date: 2019-02-01

Fix Resolution: 4.17.11

Step up your Open Source Security Game with WhiteSource here

WS-2018-0148 Low Severity Vulnerability detected by WhiteSource

WS-2018-0148 - Low Severity Vulnerability

Vulnerable Library - utile-0.2.1.tgz

A drop-in replacement for `util` with some additional advantageous functions

Library home page: https://registry.npmjs.org/utile/-/utile-0.2.1.tgz

Path to dependency file: /documentation/jekyll/public/bootstrap-3.3.7/package.json

Path to vulnerable library: /tmp/git/documentation/jekyll/public/bootstrap-3.3.7/node_modules/utile/package.json

Dependency Hierarchy:

  • grunt-jscs-3.0.1.tgz (Root Library)
    • jscs-3.0.7.tgz
      • prompt-0.2.14.tgz
        • utile-0.2.1.tgz (Vulnerable Library)

Vulnerability Details

utile allocates uninitialized Buffers when number is passed in input.
Before version 0.3.0

Publish Date: 2018-07-16

URL: WS-2018-0148

CVSS 2 Score Details (1.8)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://hackerone.com/reports/321701

Release Date: 2018-01-16

Fix Resolution: 0.3.0

Step up your Open Source Security Game with WhiteSource here

Finalize notebook location

@levithatcher commented on Fri Feb 24 2017

Py repo has its own notebook

R notebooks live in the docs repo

Should we

  • Move py notebook to docs?
  • Or notebooks that belong to r repo to that repo?

Be sure to catch all links from the online docs and README.md files

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.