Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Src11 security information standard #55

Merged
merged 28 commits into from
Mar 12, 2024
Merged

Src11 security information standard #55

merged 28 commits into from
Mar 12, 2024

Conversation

SwayStar123
Copy link
Member

Type of change

  • New feature

Changes

The following changes have been made:

  • The new security information standard has been added.

@SwayStar123 SwayStar123 marked this pull request as ready for review January 25, 2024 11:28
@SwayStar123 SwayStar123 requested a review from a team as a code owner January 25, 2024 11:28
bitzoic
bitzoic requested changes Feb 13, 2024
View reviewed changes
Copy link
Member

@bitzoic bitzoic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would break the required function section and the SecurityInformation struct into two parts. The function defining that it returns the struct and then the SecurityInformation section defining the struct's contents and any optional parameters.

The header logo in the README is using the Vault Standards README, this must be updated.

standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md

# Security Considerations

The information is entirely self reported and as such might not be accurate. Accuracy of information cannot be enforced and as such, anyone using this information should be aware of that.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"might not be accurate"

Isn't it defined in the standard that it must be up to date?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah but people can lie lol, important to note that its entirely self reported, just because its on the blockchain doesnt make it verified or real

SwayStar123 and others added 11 commits February 14, 2024 15:58
@SwayStar123 @bitzoic
Update standards/src11-security-information/README.md
c1685c3 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123 @bitzoic
Update standards/src11-security-information/README.md
e22184f 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123 @bitzoic
Update standards/src11-security-information/README.md
f6b1482 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123 @bitzoic
Update standards/src11-security-information/README.md
89df71d 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123 @bitzoic
Update standards/src11-security-information/README.md
cc6979f 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123 @bitzoic
Update standards/src11-security-information/README.md
d5070fc 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123 @bitzoic
Update standards/src11-security-information/README.md
1104a40 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123
add ISO wiki link
1c29efc
@SwayStar123
remove erroneous not
b1d7959
@SwayStar123
split into struct and function
a7a2a30
@SwayStar123
add correct logo banners
e7937b9
@SwayStar123 SwayStar123 requested a review from bitzoic February 19, 2024 08:10
dmihal
dmihal previously approved these changes Feb 19, 2024
View reviewed changes
bitzoic
bitzoic reviewed Feb 23, 2024
View reviewed changes
Copy link
Member

@bitzoic bitzoic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just needs the examples and standard to be added to their respective workspace as well as a link to the standard in the source README

examples/src11-security-information/hardcoded-information/src/main.sw Outdated Show resolved Hide resolved
standards/src11-security-information/src/src11.sw Outdated Show resolved Hide resolved
standards/src11-security-information/src/src11.sw Outdated Show resolved Hide resolved
standards/src11-security-information/src/src11.sw Outdated Show resolved Hide resolved
standards/src11-security-information/src/src11.sw Outdated Show resolved Hide resolved
standards/src11-security-information/src/src11.sw Outdated Show resolved Hide resolved
standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md Outdated Show resolved Hide resolved
standards/src11-security-information/README.md
- The struct MAY contain `None` for `Option<T>` type fields, if they are deemed unnecessary.
- The struct MUST NOT contain empty `String` or `Vec` fields.
- The struct MAY contain a link or the information directly for the following fields: `project_url`, `policy`, `encryption`, `source_code`, `auditors`, `acknowledgments`, `additional_information`.
- The struct MUST contain the information directly for the following fields: `name`, `contact_information`, `preferred_languages`, `source_release`, and `source_revision`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure how I feel about "directly". Maybe "The struct MUST contain the following information encoded as a String for the following fields:"?

@bitzoic bitzoic added New Standard Label used to filter for the introduction of a new standard SRC-11 Label used to filter for the standard issue labels Feb 23, 2024
SwayStar123 and others added 4 commits February 23, 2024 13:04
@SwayStar123 @bitzoic
Update standards/src11-security-information/src/src11.sw
ed1af8a 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123 @bitzoic
Update standards/src11-security-information/src/src11.sw
e96b296 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123 @bitzoic
Update standards/src11-security-information/src/src11.sw
ed85cc8 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123 @bitzoic
Update standards/src11-security-information/README.md
ef4da8b 
Co-authored-by: Cameron Carstens <bitzoic.eth@gmail.com>
@SwayStar123 SwayStar123 requested a review from bitzoic February 27, 2024 09:04
@K1-R1 K1-R1 self-requested a review March 12, 2024 15:50
@SwayStar123 SwayStar123 merged commit b6f76e1 into master Mar 12, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@K1-R1 K1-R1 K1-R1 approved these changes

@bitzoic bitzoic bitzoic approved these changes

@dmihal dmihal dmihal left review comments

Assignees

@SwayStar123 SwayStar123

Labels
New Standard Label used to filter for the introduction of a new standard SRC-11 Label used to filter for the standard issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@SwayStar123 @dmihal @bitzoic @K1-R1