Commit
1 parent 953472a, commit 00bbab9
Showing 4 changed files with 106 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
--- | ||
name: Add a new compliance check | ||
about: Use it when you want to work in a new compliance check | ||
title: 'Add Compliance check:' | ||
labels: compliance-checks | ||
assignees: UlisesGascon | ||
|
||
--- | ||
|
||
### How the Check Works | ||
|
||
_Provide a clear definition_ | ||
|
||
|
||
### Pending Tasks | ||
- [ ] **1. Define a Good Implementation** | ||
- [ ] Read the documentation (guidelines, best practices...) | ||
- [ ] Brainstorm how to implement this check (logic, alerts, tasks, validations, edge cases...). | ||
- [ ] Achieve an agreement on the implementation details before starting to work on this. | ||
- [ ] **2. Update Check Record** | ||
- [ ] Update the `compliance_checks` row with the following fields: `how_to_url`, `implementation_status`, `implementation_type` and `implementation_details_reference` | ||
- [ ] Check the migration scripts using `npm run db:migrate` and `npm run db:rollback` | ||
- [ ] Update the database schema by running `npm run db:generate-schema` | ||
- [ ] **3. Implement the Business Logic** | ||
- [ ] Add the specific validator in `src/checks/validators/index.js` | ||
- [ ] Add the check logic in `src/checks/complianceChecks` | ||
- [ ] Ensure that the check is in scope for the organization (use `isCheckApplicableToProjectCategory`) | ||
- [ ] Ensure that the `severity` value is well calculated (use `getSeverityFromPriorityGroup`) | ||
- [ ] Add the alert row in the `compliance_checks_alerts` table when is needed. | ||
- [ ] Add the task row in the `compliance_checks_tasks` table when is needed. | ||
- [ ] Add the result row in the `compliance_checks_results` table. | ||
- [ ] **4. Ensure It Works as Expected** | ||
- [ ] Add new unit tests for the validator check. | ||
- [ ] Add new integration test cases for this check. | ||
- [ ] Verify that all tests are passing. | ||
- [ ] Run the command `check run --name {check_code_name}` and verify the changes in the database. Update the seed script if needed (`npm run db:seed`) | ||
- [ ] **5. Update the website** | ||
- [ ] Review the current content it in `https://openjs-security-program-standards.netlify.app/details/{check_code_name}` | ||
- [ ] Create a PR in https://github.com/secure-dashboards/openjs-security-program-standards to include how we calculate this check and include additional information on the mitigation if needed. |
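Review bot: the front-matter line `assignees: UlisesGascon` assigns every issue opened from this template to one person, whereas the other three templates in this commit use `assignees: ''`; consider leaving it empty and relying on the `compliance-checks` label for triage, unless a single owner is intended. Under "2. Update Check Record", the first item does not say that the `compliance_checks` row is updated through a migration, although the next item runs `npm run db:migrate` and `npm run db:rollback`; stating that explicitly would remove the guesswork. Wording: "work in a new compliance check" should be "work on", "when is needed" should be "when it is needed" (twice), and "Review the current content it in" has a stray "it".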
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
--- | ||
name: Bug report | ||
about: Create a report to help us improve | ||
title: "[BUG]" | ||
labels: bug | ||
assignees: '' | ||
|
||
--- | ||
|
||
**Describe the bug** | ||
A clear and concise description of what the bug is. | ||
|
||
**To Reproduce** | ||
Steps to reproduce the behavior: | ||
1. Go to '...' | ||
2. Click on '....' | ||
3. Scroll down to '....' | ||
4. See error | ||
|
||
**Expected behavior** | ||
A clear and concise description of what you expected to happen. | ||
|
||
**Screenshots** | ||
If applicable, add screenshots to help explain your problem. | ||
|
||
**Desktop (please complete the following information):** | ||
- OS: [e.g. iOS] | ||
- Browser [e.g. chrome, safari] | ||
- Version [e.g. 22] | ||
|
||
**Smartphone (please complete the following information):** | ||
- Device: [e.g. iPhone6] | ||
- OS: [e.g. iOS8.1] | ||
- Browser [e.g. stock browser, safari] | ||
- Version [e.g. 22] | ||
|
||
**Additional context** | ||
Add any other context about the problem here. |
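Review bot: the "To Reproduce" steps (`Go to '...'`, `Click on '....'`, `Scroll down to '....'`) and the Desktop and Smartphone sections asking for Browser and Device are stock web-application prompts, and they do not match a project whose compliance-check template in this same commit refers to `npm run db:migrate` and `check run --name {check_code_name}`. Consider replacing them with the command that was run, the OS and runtime versions, and the relevant output, with a reminder to redact tokens or credentials before pasting logs into a public issue.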
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
--- | ||
name: Feature request | ||
about: Suggest an idea for this project | ||
title: '' | ||
labels: feature-request | ||
assignees: '' | ||
|
||
--- | ||
|
||
**Is your feature request related to a problem? Please describe.** | ||
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] | ||
|
||
**Describe the solution you'd like** | ||
A clear and concise description of what you want to happen. | ||
|
||
**Describe alternatives you've considered** | ||
A clear and concise description of any alternative solutions or features you've considered. | ||
|
||
**Additional context** | ||
Add any other context or screenshots about the feature request here. |
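Review bot: `title: ''` leaves feature requests without a prefix, while the bug template sets `title: "[BUG]"` and the compliance-check template sets `title: 'Add Compliance check:'`; adding a prefix here would keep issue titles consistent and easier to filter. The quoting also differs between files (double quotes in the bug template, single quotes here), so pick one style for all four.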
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
--- | ||
name: Other | ||
about: Discussions, ideas, etc... | ||
title: '' | ||
labels: '' | ||
assignees: '' | ||
|
||
--- | ||
|
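Review bot: with `labels: ''` and nothing after the closing `---`, issues opened from this template arrive unlabelled and with an empty body. Consider adding a label so they can be triaged and a one-line prompt in the body asking what the discussion or idea is about.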