From 713496eb3dcbe5ff51798128c4c5c7900be577d8 Mon Sep 17 00:00:00 2001 From: "Allen D. Householder" Date: Tue, 25 Jun 2024 13:54:05 -0400 Subject: [PATCH] Merge main --> publish (#587) * Bump pandas from 2.2.1 to 2.2.2 (#557) Bumps [pandas](https://github.com/pandas-dev/pandas) from 2.2.1 to 2.2.2. - [Release notes](https://github.com/pandas-dev/pandas/releases) - [Commits](https://github.com/pandas-dev/pandas/compare/v2.2.1...v2.2.2) --- updated-dependencies: - dependency-name: pandas dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump scikit-learn from 1.4.1.post1 to 1.4.2 (#556) Bumps [scikit-learn](https://github.com/scikit-learn/scikit-learn) from 1.4.1.post1 to 1.4.2. - [Release notes](https://github.com/scikit-learn/scikit-learn/releases) - [Commits](https://github.com/scikit-learn/scikit-learn/compare/1.4.1.post1...1.4.2) --- updated-dependencies: - dependency-name: scikit-learn dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Allen D. Householder * Bump mkdocs-print-site-plugin from 2.3.6 to 2.4.0 in the mkdocs group (#555) Bumps the mkdocs group with 1 update: [mkdocs-print-site-plugin](https://github.com/timvink/mkdocs-print-site-plugin). Updates `mkdocs-print-site-plugin` from 2.3.6 to 2.4.0 - [Release notes](https://github.com/timvink/mkdocs-print-site-plugin/releases) - [Commits](https://github.com/timvink/mkdocs-print-site-plugin/compare/v2.3.6...v2.4.0) --- updated-dependencies: - dependency-name: mkdocs-print-site-plugin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: mkdocs ... 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Updated Mission-Impact in Deployer.json and in csvs/child_trees to match latest (#559) * i18n improvement to Deployer.json (#560) * Updated Mission-Impact in Deployer.json and in csvs/child_trees to match latest * Add keys to Deployer.json example Issue-123-1 * Update in CSS to fix default darkmode/blackbody * Bump the mkdocs group with 2 updates (#563) * Bump the mkdocs group with 2 updates Bumps the mkdocs group with 3 updates: [mkdocs](https://github.com/mkdocs/mkdocs), [mkdocs-material](https://github.com/squidfunk/mkdocs-material) and [mkdocstrings-python](https://github.com/mkdocstrings/python). (mkdocs 1.6.0 ignored because incompatible with mkdocs-material 9.5.18 Updates `mkdocs-material` from 9.5.17 to 9.5.18 - [Release notes](https://github.com/squidfunk/mkdocs-material/releases) - [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG) - [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.17...9.5.18) Updates `mkdocstrings-python` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/mkdocstrings/python/releases) - [Changelog](https://github.com/mkdocstrings/python/blob/main/CHANGELOG.md) - [Commits](https://github.com/mkdocstrings/python/compare/1.9.2...1.10.0) --- updated-dependencies: - dependency-name: mkdocs dependency-type: direct:production update-type: version-update:semver-minor dependency-group: mkdocs - dependency-name: mkdocs-material dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs - dependency-name: mkdocstrings-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: mkdocs ... Signed-off-by: dependabot[bot] * Update requirements.txt --------- 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Allen D. Householder * replace vuls.cert.org CVD guide links with certcc.github.io links (#562) * Add requirements.txt trigger to link_checker.yml Linkchecker also confirms that the site builds successfully, so any changes to the pip requirements should trigger it to run as well. * Bump dataclasses-json from 0.6.4 to 0.6.5 (#566) Bumps [dataclasses-json](https://github.com/lidatong/dataclasses-json) from 0.6.4 to 0.6.5. - [Release notes](https://github.com/lidatong/dataclasses-json/releases) - [Commits](https://github.com/lidatong/dataclasses-json/compare/v0.6.4...v0.6.5) --- updated-dependencies: - dependency-name: dataclasses-json dependency-type: direct:production update-type: version-update:semver-patch ... 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump the mkdocs group across 1 directory with 5 updates (#567) Bumps the mkdocs group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [mkdocs](https://github.com/mkdocs/mkdocs) | `1.5.3` | `1.6.0` | | [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) | `6.0.5` | `6.0.6` | | [mkdocs-table-reader-plugin](https://github.com/timvink/mkdocs-table-reader-plugin) | `2.1.0` | `2.2.0` | | [mkdocs-material](https://github.com/squidfunk/mkdocs-material) | `9.5.18` | `9.5.21` | | [mkdocstrings](https://github.com/mkdocstrings/mkdocstrings) | `0.24.3` | `0.25.1` | Updates `mkdocs` from 1.5.3 to 1.6.0 - [Release notes](https://github.com/mkdocs/mkdocs/releases) - [Commits](https://github.com/mkdocs/mkdocs/compare/1.5.3...1.6.0) Updates `mkdocs-include-markdown-plugin` from 6.0.5 to 6.0.6 - [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases) - [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v6.0.5...v6.0.6) Updates `mkdocs-table-reader-plugin` from 2.1.0 to 2.2.0 - [Release notes](https://github.com/timvink/mkdocs-table-reader-plugin/releases) - [Commits](https://github.com/timvink/mkdocs-table-reader-plugin/compare/v2.1.0...v2.2.0) Updates `mkdocs-material` from 9.5.18 to 9.5.21 - [Release notes](https://github.com/squidfunk/mkdocs-material/releases) - [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG) - [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.18...9.5.21) Updates `mkdocstrings` from 0.24.3 to 0.25.1 - [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases) - [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md) - [Commits](https://github.com/mkdocstrings/mkdocstrings/compare/0.24.3...0.25.1) --- updated-dependencies: - 
dependency-name: mkdocs dependency-type: direct:production update-type: version-update:semver-minor dependency-group: mkdocs - dependency-name: mkdocs-include-markdown-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs - dependency-name: mkdocs-table-reader-plugin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: mkdocs - dependency-name: mkdocs-material dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs - dependency-name: mkdocstrings dependency-type: direct:production update-type: version-update:semver-minor dependency-group: mkdocs ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jsonschema from 4.21.1 to 4.22.0 (#568) Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.21.1 to 4.22.0. - [Release notes](https://github.com/python-jsonschema/jsonschema/releases) - [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst) - [Commits](https://github.com/python-jsonschema/jsonschema/compare/v4.21.1...v4.22.0) --- updated-dependencies: - dependency-name: jsonschema dependency-type: direct:production update-type: version-update:semver-minor ... 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump dataclasses-json from 0.6.5 to 0.6.6 (#572) * Bump the mkdocs group with 3 updates (#571) Bumps the mkdocs group with 3 updates: [mkdocs-table-reader-plugin](https://github.com/timvink/mkdocs-table-reader-plugin), [mkdocs-material](https://github.com/squidfunk/mkdocs-material) and [mkdocs-print-site-plugin](https://github.com/timvink/mkdocs-print-site-plugin). Updates `mkdocs-table-reader-plugin` from 2.2.0 to 2.2.1 - [Release notes](https://github.com/timvink/mkdocs-table-reader-plugin/releases) - [Commits](https://github.com/timvink/mkdocs-table-reader-plugin/compare/v2.2.0...v2.2.1) Updates `mkdocs-material` from 9.5.21 to 9.5.22 - [Release notes](https://github.com/squidfunk/mkdocs-material/releases) - [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG) - [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.21...9.5.22) Updates `mkdocs-print-site-plugin` from 2.4.0 to 2.4.1 - [Release notes](https://github.com/timvink/mkdocs-print-site-plugin/releases) - [Commits](https://github.com/timvink/mkdocs-print-site-plugin/compare/v2.4.0...v2.4.1) --- updated-dependencies: - dependency-name: mkdocs-table-reader-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs - dependency-name: mkdocs-material dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs - dependency-name: mkdocs-print-site-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs ... 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump the mkdocs group with 3 updates (#573) Bumps the mkdocs group with 3 updates: [mkdocs-table-reader-plugin](https://github.com/timvink/mkdocs-table-reader-plugin), [mkdocs-material](https://github.com/squidfunk/mkdocs-material) and [mkdocstrings-python](https://github.com/mkdocstrings/python). Updates `mkdocs-table-reader-plugin` from 2.2.1 to 2.2.2 - [Release notes](https://github.com/timvink/mkdocs-table-reader-plugin/releases) - [Commits](https://github.com/timvink/mkdocs-table-reader-plugin/compare/v2.2.1...v2.2.2) Updates `mkdocs-material` from 9.5.22 to 9.5.24 - [Release notes](https://github.com/squidfunk/mkdocs-material/releases) - [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG) - [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.22...9.5.24) Updates `mkdocstrings-python` from 1.10.0 to 1.10.2 - [Release notes](https://github.com/mkdocstrings/python/releases) - [Changelog](https://github.com/mkdocstrings/python/blob/main/CHANGELOG.md) - [Commits](https://github.com/mkdocstrings/python/compare/1.10.0...1.10.2) --- updated-dependencies: - dependency-name: mkdocs-table-reader-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs - dependency-name: mkdocs-material dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs - dependency-name: mkdocstrings-python dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs ... 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump scikit-learn from 1.4.2 to 1.5.0 (#575) Bumps [scikit-learn](https://github.com/scikit-learn/scikit-learn) from 1.4.2 to 1.5.0. - [Release notes](https://github.com/scikit-learn/scikit-learn/releases) - [Commits](https://github.com/scikit-learn/scikit-learn/compare/1.4.2...1.5.0) --- updated-dependencies: - dependency-name: scikit-learn dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump the mkdocs group with 2 updates (#574) Bumps the mkdocs group with 2 updates: [mkdocs-material](https://github.com/squidfunk/mkdocs-material) and [mkdocstrings-python](https://github.com/mkdocstrings/python). Updates `mkdocs-material` from 9.5.24 to 9.5.25 - [Release notes](https://github.com/squidfunk/mkdocs-material/releases) - [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG) - [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.24...9.5.25) Updates `mkdocstrings-python` from 1.10.2 to 1.10.3 - [Release notes](https://github.com/mkdocstrings/python/releases) - [Changelog](https://github.com/mkdocstrings/python/blob/main/CHANGELOG.md) - [Commits](https://github.com/mkdocstrings/python/compare/1.10.2...1.10.3) --- updated-dependencies: - dependency-name: mkdocs-material dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs - dependency-name: mkdocstrings-python dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs ... 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump the mkdocs group with 3 updates (#577) * Fixed URL Typo in README.md (#578) * Bump dataclasses-json from 0.6.6 to 0.6.7 (#580) Bumps [dataclasses-json](https://github.com/lidatong/dataclasses-json) from 0.6.6 to 0.6.7. - [Release notes](https://github.com/lidatong/dataclasses-json/releases) - [Commits](https://github.com/lidatong/dataclasses-json/compare/v0.6.6...v0.6.7) --- updated-dependencies: - dependency-name: dataclasses-json dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump the mkdocs group with 2 updates (#579) Bumps the mkdocs group with 2 updates: [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) and [mkdocs-material](https://github.com/squidfunk/mkdocs-material). Updates `mkdocs-include-markdown-plugin` from 6.1.1 to 6.2.0 - [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases) - [Commits](https://github.com/mondeja/mkdocs-include-markdown-plugin/compare/v6.1.1...v6.2.0) Updates `mkdocs-material` from 9.5.25 to 9.5.26 - [Release notes](https://github.com/squidfunk/mkdocs-material/releases) - [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG) - [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.25...9.5.26) --- updated-dependencies: - dependency-name: mkdocs-include-markdown-plugin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: mkdocs - dependency-name: mkdocs-material dependency-type: direct:production update-type: version-update:semver-patch dependency-group: mkdocs ... 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * empty dockerfile * Dockerfile to run pytest * Mention docker in README.md * use 3.12 slim bookworm as base container * Bump mkdocs-material from 9.5.26 to 9.5.27 in the mkdocs group (#583) * Bump the mkdocs group with 2 updates (#585) * Make schema available via data/ folder for certcc.github.io (#586) --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Vijay Sarvepalli Co-authored-by: Patrick Garrity --- .github/workflows/link_checker.yml | 2 ++ Dockerfile | 18 ++++++++++++++++ README.md | 25 +++++++++++++++++++++- data/csvs/child_trees/human-impact.csv | 5 ----- data/schema_examples/CISA-Coordinator.json | 1 - docs/data | 1 + docs/howto/coordination_intro.md | 4 ++-- docs/howto/coordination_triage_decision.md | 4 ++-- docs/howto/publication_decision.md | 2 +- docs/ssvc-calc/Deployer.json | 15 ++++--------- docs/ssvc-calc/css.css | 11 ++++++++-- docs/ssvc-calc/findex.html | 2 +- requirements.txt | 24 ++++++++++----------- 13 files changed, 76 insertions(+), 38 deletions(-) create mode 100644 Dockerfile delete mode 120000 data/schema_examples/CISA-Coordinator.json create mode 120000 docs/data diff --git a/.github/workflows/link_checker.yml b/.github/workflows/link_checker.yml index 6d0f83c7..9bb6119d 100644 --- a/.github/workflows/link_checker.yml +++ b/.github/workflows/link_checker.yml @@ -10,6 +10,8 @@ on: - '**/*.md' # run on any PR that changes this workflow - .github/workflows/linkchecker.yml + # run on any PR that changes the pip requirements + - requirements.txt # let us trigger it manually workflow_dispatch: diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..37a6d682 --- /dev/null +++ b/Dockerfile 
@@ -0,0 +1,18 @@ +FROM python:3.12-slim-bookworm + +WORKDIR /app + +# install requirements +COPY requirements.txt . +RUN pip install -r requirements.txt + +# Copy the files we need +COPY src/ . +COPY data ./data + +# install pytest +RUN pip install pytest + +# run the unit tests \ +ENTRYPOINT ["pytest"] +CMD ["test"] diff --git a/README.md b/README.md index 1b0cf593..ae0a2910 100644 --- a/README.md +++ b/README.md @@ -69,7 +69,7 @@ This directory holds helper scripts that can make managing or using SSVC easier. ### `/src/ssvc/*` The `ssvc` python module provides tools to work with decision points, decision point groups, and outcomes. -These modules are used to generate documentation for various [Decision Points](https://certcc.github.io/SSVC/reference/decsion_points/) +These modules are used to generate documentation for various [Decision Points](https://certcc.github.io/SSVC/reference/decision_points/) Documentation for the `ssvc` module can be found at [https://certcc.github.io/SSVC/reference/code/](https://certcc.github.io/SSVC/reference/code/) @@ -101,6 +101,29 @@ Navigate to http://localhost:8001/ to see the site. (Hint: You can use the `--dev-addr` argument with mkdocs to change the port, e.g. `mkdocs serve --dev-addr localhost:8000`) +## Run tests + +We include a few tests for the `ssvc` module. + +### With Docker + +```bash + +docker build -t ssvc_test . +docker run -it --rm ssvc_test +``` + +### Without Docker + +```bash +pip install pytest # if you haven't already + +pytest # should find tests in src/test/* +``` + + + + ## Contributing - [SSVC Community Engagement](https://certcc.github.io/SSVC/about/contributing/) has more detail on how to contribute to the project. diff --git a/data/csvs/child_trees/human-impact.csv b/data/csvs/child_trees/human-impact.csv index ea4383cc..03c75179 100644 --- a/data/csvs/child_trees/human-impact.csv +++ b/data/csvs/child_trees/human-impact.csv 
@@ -1,25 +1,20 @@ Situated Safety Impact , Mission Impact , Human Impact - None , None , Low None , Degraded , Low None , Crippled , Low None , MEF Failure , Medium None , Mission Failure , Very High - Minor , None , Low Minor , Degraded , Low Minor , Crippled , Low Minor , MEF Failure , Medium Minor , Mission Failure , Very High - Major , None , Medium Major , Degraded , Medium Major , Crippled , Medium Major , MEF Failure , High Major , Mission Failure , Very High - Hazardous , None , High Hazardous , Degraded , High Hazardous , Crippled , High Hazardous , MEF Failure , High Hazardous , Mission Failure , Very High - Catastrophic , None , Very High Catastrophic , Degraded , Very High Catastrophic , Crippled , Very High Catastrophic , MEF Failure , Very High diff --git a/data/schema_examples/CISA-Coordinator.json b/data/schema_examples/CISA-Coordinator.json deleted file mode 120000 index 5f850134..00000000 --- a/data/schema_examples/CISA-Coordinator.json +++ /dev/null @@ -1 +0,0 @@ -../../ssvc-calc/CISA-Coordinator.json \ No newline at end of file diff --git a/docs/data b/docs/data new file mode 120000 index 00000000..4909e06e --- /dev/null +++ b/docs/data @@ -0,0 +1 @@ +../data \ No newline at end of file diff --git a/docs/howto/coordination_intro.md b/docs/howto/coordination_intro.md index ebcb0a90..abccf08a 100644 --- a/docs/howto/coordination_intro.md +++ b/docs/howto/coordination_intro.md 
@@ -11,7 +11,7 @@ A coordinator may want to gather and publish information about SSVC decision poi Furthermore, a coordinator may only publish some of the information it uses to make decisions. Consistent with other stakeholder perspectives (supplier and deployer), SSVC provides the priority with which a coordinator should take some defined action, but not how to do that action. For more information about types of coordinators and their facilitation actions within vulnerability management, see -[The CERT Guide to Coordinated Vulnerability Disclosure](https://vuls.cert.org/confluence/display/CVD/3.5.+Coordinator) +[The CERT Guide to Coordinated Vulnerability Disclosure](https://certcc.github.io/CERT-Guide-to-CVD/topics/roles/coordinator/) The two decisions that CERT/CC makes as a coordinator that we will discuss in terms of SSVC are @@ -27,7 +27,7 @@ These two decisions are not the entirety of vulnerability coordination, but we l Different coordinators have different scopes and constituencies. -See [The CERT Guide to Coordinated Vulnerability Disclosure](https://vuls.cert.org/confluence/display/CVD/3.5.+Coordinator) for a listing of different coordinator types. +See [The CERT Guide to Coordinated Vulnerability Disclosure](https://certcc.github.io/CERT-Guide-to-CVD/topics/roles/coordinator/) for a listing of different coordinator types. If a coordinator receives a report that is outside its own work scope or constituency, it should make an effort to route the report to a more suitable coordinator. The decisions in this section assume the report or vulnerability in question is within the work scope or constituency for the coordinator. diff --git a/docs/howto/coordination_triage_decision.md b/docs/howto/coordination_triage_decision.md index b85dd4cd..18ef5d5c 100644 --- a/docs/howto/coordination_triage_decision.md +++ b/docs/howto/coordination_triage_decision.md 
@@ -27,7 +27,7 @@ SSVC can be applied to either the initial report or to the results of such refin ## Coordinator Triage Decision Outcomes -We take three priority levels in our decision about whether and how to [coordinate](https://vuls.cert.org/confluence/display/CVD/1.1.+Coordinated+Vulnerability+Disclosure+is+a+Process%2C+Not+an+Event) +We take three priority levels in our decision about whether and how to [coordinate](https://certcc.github.io/CERT-Guide-to-CVD/tutorials/cvd_is_a_process/) a vulnerability based on an incoming report: !!! info "Coordinator Triage Priority" @@ -57,7 +57,7 @@ a vulnerability based on an incoming report: (VRDA) provides a starting point for a decision model for this situation. VRDA is likely [adequate](https://insights.sei.cmu.edu/library/effectiveness-of-the-vulnerability-response-decision-assistance-vrda-framework/) for national-level CSIRTs that do general CVD, but other CSIRT types may have different needs. - The [*CERT Guide to Coordinated Vulnerability Disclosure*](https://vuls.cert.org/confluence/display/CVD/6.10+Troubleshooting+Coordinated+Vulnerability+Disclosure+Table) + The [*CERT Guide to Coordinated Vulnerability Disclosure*](https://certcc.github.io/CERT-Guide-to-CVD/howto/coordination/cvd_recipes/) provides something similar for those who are deciding how to report and disclose vulnerabilities they have discovered. The coordination and publication decisions for CERT/CC are about the social and collaborative state of vulnerability management. diff --git a/docs/howto/publication_decision.md b/docs/howto/publication_decision.md index c9320a7e..a19a93d7 100644 --- a/docs/howto/publication_decision.md +++ b/docs/howto/publication_decision.md 
@@ -31,7 +31,7 @@ Two points where CERT/CC policy clearly influences the publication decision are As a matter of policy, CERT/CC will support an embargo from the public of information about a vulnerability through its choice not to publish that information while a number of conditions hold: - - A negotiated embargo timer has not expired. The CERT/CC default embargo period is [45 days](https://vuls.cert.org/confluence/display/Wiki/Vulnerability+Disclosure+Policy). + - A negotiated embargo timer has not expired. The CERT/CC default embargo period is [45 days](https://certcc.github.io/CERT-Guide-to-CVD/reference/certcc_disclosure_policy/). - Other exceptions have not been met, including active exploitation of the vulnerability in the wild or other public discussion of the vulnerability details. diff --git a/docs/ssvc-calc/Deployer.json b/docs/ssvc-calc/Deployer.json index fb4af309..0254ca26 100644 --- a/docs/ssvc-calc/Deployer.json +++ b/docs/ssvc-calc/Deployer.json @@ -99,11 +99,6 @@ "label": "Mission Impact", "key": "M", "options": [ - { - "label": "none", - "key": "N", - "description": "Little to no impact up to degradation of non-essential functions; chronic degradation would eventually harm essential functions. (aka Non-Essential Degraded)" - }, { "label": "degraded", "key": "D", @@ -132,6 +127,7 @@ { "label": "Human Impact", "decision_type": "complex", + "key": "H", "children": [ { "label": "Situated Safety Impact" @@ -158,7 +154,6 @@ "child_label": "Mission Impact", "child_key": "M", "child_option_labels":[ - "none", "degraded", "crippled" ] @@ -201,7 +196,6 @@ "child_label": "Mission Impact", "child_key": "M", "child_option_labels":[ - "none", "degraded", "crippled" ] @@ -243,7 +237,6 @@ "child_label": "Mission Impact", "child_key": "M", "child_option_labels":[ - "none", "degraded", "crippled", "mef failure" @@ -292,7 +285,6 @@ "child_label": "Mission Impact", "child_key": "M", "child_option_labels":[ - "none", "degraded", "crippled", "mef failure", 
@@ -335,7 +327,8 @@ "color": "#EA3423" } ], - "label": "Priority" + "label": "Priority", + "key": "P" } ], "decisions_table": [ { @@ -844,6 +837,6 @@ } ], "lang": "en", - "version": "2.0", + "version": "2.0.0", "title": "Deployer v2.1.0" } diff --git a/docs/ssvc-calc/css.css b/docs/ssvc-calc/css.css index ecf4f301..833e01bd 100644 --- a/docs/ssvc-calc/css.css +++ b/docs/ssvc-calc/css.css @@ -1,4 +1,8 @@ -/* css version 2.2.8 */ +/* css version 2.2.9 */ +#helper { + background-color: rgba(255,255,255,0.95); + border: 1px solid grey; +} .ssvcvector { color: #7d1d1d; } @@ -185,12 +189,15 @@ span.bold { text-decoration: none; color: #fefefe; } +.blackbody .top_fixed { + background-color: rgba(0,0,0,0.9); +} .top_fixed { display:none; position:fixed; top:10px; z-index: 1051; - background-color: rgba(0,0,0,0.9); + background-color: #f8f8ff; height: 100%; width:75%; padding:12px; diff --git a/docs/ssvc-calc/findex.html b/docs/ssvc-calc/findex.html index 277c9425..afab1d97 100644 --- a/docs/ssvc-calc/findex.html +++ b/docs/ssvc-calc/findex.html @@ -319,7 +319,7 @@
Public Well-being Impact Decision Values
Stakeholder-Specific Vulnerability Categorization (SSVC)
- version 2 (October 2020) + Introduction

Introduction:

diff --git a/requirements.txt b/requirements.txt index 9697f1db..1059d8db 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,15 +1,15 @@ -mkdocs==1.5.3 -mkdocs-bibtex==2.15.0 -mkdocs-include-markdown-plugin==6.0.5 -mkdocs-table-reader-plugin==2.1.0 -mkdocs-material==9.5.17 +mkdocs==1.6.0 +mkdocs-bibtex==2.16.0 +mkdocs-include-markdown-plugin==6.2.1 +mkdocs-table-reader-plugin==2.2.2 +mkdocs-material==9.5.27 mkdocs-material-extensions==1.3.1 -mkdocstrings==0.24.3 -mkdocstrings-python==1.9.2 -mkdocs-print-site-plugin==2.3.6 -dataclasses-json==0.6.4 +mkdocstrings==0.25.1 +mkdocstrings-python==1.10.5 +mkdocs-print-site-plugin==2.5.0 +dataclasses-json==0.6.7 thefuzz==0.22.1 -pandas==2.2.1 -scikit-learn==1.4.1.post1 -jsonschema==4.21.1 +pandas==2.2.2 +scikit-learn==1.5.0 +jsonschema==4.22.0 networkx==3.3
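Review bot: In the `.github/workflows/link_checker.yml` hunk, the context line directly above the addition filters on `.github/workflows/linkchecker.yml`, which does not match this file's name (`link_checker.yml`), so as far as the visible path filters go, a PR that edits the workflow itself will not trigger it. Correct that path in the same change; the new `- requirements.txt` entry is fine as written.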
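Review bot: In the new `Dockerfile`, `RUN pip install pytest` is unpinned while every package in `requirements.txt` is pinned with `==`, so the test image can change between builds with no change in the repository. Pin pytest, for example in a separate test requirements file that is copied and installed the same way as `requirements.txt`. Two smaller points: the comment `# run the unit tests \` ends in a stray backslash that should be dropped, and there is no `USER` instruction, so pytest runs as root inside the container.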
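Review bot: In the README "Run tests" hunk, the "Without Docker" steps install only pytest and do not say which directory to run from, whereas the Dockerfile installs `requirements.txt` first and runs `pytest test` from the copied contents of `src/`. Add `pip install -r requirements.txt` and the working directory so both paths run the same tests under the same dependencies. The blank line right after the opening `bash` fence in the Docker example and the run of blank lines before `## Contributing` can also be removed.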
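Review bot: The new `docs/data` symlink points at `../data`, which places the entire `data/` tree under the docs root, not only the schema files the commit message mentions. Confirm that everything under `data/` is meant to be published on the site, or link only the schema directory. The same change deletes the `data/schema_examples/CISA-Coordinator.json` symlink, so anything that referenced that path needs to be updated.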
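Review bot: In the last `docs/ssvc-calc/Deployer.json` hunk, `"version"` becomes `"2.0.0"` while the adjacent `"title"` still reads `"Deployer v2.1.0"`, so the file states two different versions. Decide which one is authoritative and make them agree. Because the earlier hunks in this file remove the `none` option from Mission Impact, a consumer comparing version strings should be able to tell this file apart from the previous one.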
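Review bot: In the `requirements.txt` hunk, the updated pins are exact versions but carry no hashes, so pip will accept whatever the index serves under those version numbers. Consider adding `--hash=sha256:...` entries and installing with `pip install --require-hashes -r requirements.txt`, both in CI and in the new Dockerfile. Also, the pins for `mkdocs-include-markdown-plugin` (6.2.1), `mkdocstrings-python` (1.10.5) and `mkdocs-print-site-plugin` (2.5.0) are newer than any version spelled out in the commit message; listing the bumps that produced them would make the change easier to audit.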