From b6966c56c643007f5e2a157a91292cba7f20fe3f Mon Sep 17 00:00:00 2001
From: Ulises Gascon
Date: Wed, 18 Dec 2024 21:06:12 +0100
Subject: [PATCH 1/3] chore: update references to OpenPathfinder/visionBoard
---
 .github/workflows/sync_checks.yml | 2 +-
 data/checks.json | 4 ++--
 docs/details/githubOrgMFA.mdx | 4 ++--
 docs/details/softwareDesignTraining.mdx | 4 ++--
 4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/sync_checks.yml b/.github/workflows/sync_checks.yml
index e44e8ef..e3171e8 100644
--- a/.github/workflows/sync_checks.yml
+++ b/.github/workflows/sync_checks.yml
@@ -40,7 +40,7 @@ jobs:
 - name: Clone OpenJS Foundation Dashboard
 run: |
- git clone https://github.com/secure-dashboards/openjs-foundation-dashboard.git temp-openjs-dashboard
+ git clone https://github.com/OpenPathfinder/visionBoard.git temp-openjs-dashboard
 cd temp-openjs-dashboard
 npm install
 npm run db:migrate
diff --git a/data/checks.json b/data/checks.json
index ae2e1d4..6330574 100644
--- a/data/checks.json
+++ b/data/checks.json
@@ -1769,7 +1769,7 @@
 "sources_description": "OpenSSF SCM Best PracticesOpenSSF Best Practices Badge Gold Level [require_2FA]",
 "implementation_status": "completed",
 "implementation_type": "computed",
- "implementation_details_reference": "https://github.com/secure-dashboards/openjs-foundation-dashboard/issues/43",
+ "implementation_details_reference": "https://github.com/OpenPathfinder/visionBoard/issues/43",
 "details_url": "https://openjs-security-program-standards.netlify.app/details/githubOrgMFA",
 "created_at": "2024-12-11T23:03:52.941Z",
 "updated_at": "2024-12-11T23:03:52.941Z"
@@ -1794,7 +1794,7 @@
 "sources_description": "OpenSSF Best Practices Badge Passing Level [know_secure_design]",
 "implementation_status": "completed",
 "implementation_type": "manual",
- "implementation_details_reference": "https://github.com/secure-dashboards/openjs-foundation-dashboard/issues/52",
+ "implementation_details_reference": "https://github.com/OpenPathfinder/visionBoard/issues/52",
 "details_url": "https://openjs-security-program-standards.netlify.app/details/softwareDesignTraining",
 "created_at": "2024-12-11T23:03:52.941Z",
 "updated_at": "2024-12-11T23:03:52.941Z"
diff --git a/docs/details/githubOrgMFA.mdx b/docs/details/githubOrgMFA.mdx
index e592dd2..8576fbb 100644
--- a/docs/details/githubOrgMFA.mdx
+++ b/docs/details/githubOrgMFA.mdx
@@ -19,12 +19,12 @@ Multi Factor Authentication (MFA) Enforced Across the Github Organization
 ## Dashboard Inclusion
-We use the field `two_factor_requirement_enabled` from the GitHub Organization API to check if the project has enforced this policy. [More information](https://github.com/secure-dashboards/openjs-foundation-dashboard/issues/43)
+We use the field `two_factor_requirement_enabled` from the GitHub Organization API to check if the project has enforced this policy. [More information](https://github.com/OpenPathfinder/visionBoard/issues/43)
 ## Details
 - Implementation Status: completed
-- Implementation Details: It is computed ([details](https://github.com/secure-dashboards/openjs-foundation-dashboard/issues/43)).
+- Implementation Details: It is computed ([details](https://github.com/OpenPathfinder/visionBoard/issues/43)).
 - C-SCRM: true
 - Priority Group: P1
 - Mitre: [CWE-308](https://cwe.mitre.org/data/definitions/308.html)
diff --git a/docs/details/softwareDesignTraining.mdx b/docs/details/softwareDesignTraining.mdx
index f006982..57ed3d1 100644
--- a/docs/details/softwareDesignTraining.mdx
+++ b/docs/details/softwareDesignTraining.mdx
@@ -19,12 +19,12 @@ At least One Primary Maintainer has taken TBD Training on Secure Software Design
 ## Dashboard Inclusion
-It is considered `passed` if there is a record for the organization in the `software_design_training` dashboard table and the date falls within the valid range (one natural year). This table is maintained manually, [more information](https://github.com/secure-dashboards/openjs-foundation-dashboard/issues/52)
+It is considered `passed` if there is a record for the organization in the `software_design_training` dashboard table and the date falls within the valid range (one natural year). This table is maintained manually, [more information](https://github.com/OpenPathfinder/visionBoard/issues/52)
 ## Details
 - Implementation Status: completed
-- Implementation Details: It is manual ([details](https://github.com/secure-dashboards/openjs-foundation-dashboard/issues/52)).
+- Implementation Details: It is manual ([details](https://github.com/OpenPathfinder/visionBoard/issues/52)).
 - C-SCRM: false
 - Priority Group: P0
 - Mitre: [M1013](https://attack.mitre.org/mitigations/M1013/)
From 0dc008795806d472cc86c9ee172b7ea28e216a54 Mon Sep 17 00:00:00 2001
From: Ulises Gascon
Date: Wed, 18 Dec 2024 21:09:35 +0100
Subject: [PATCH 2/3] chore: update git repo reference
---
 .versionrc.json | 4 ++--
 README.md | 6 +++---
 docusaurus.config.js | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/.versionrc.json b/.versionrc.json
index dede31d..f6e4dad 100644
--- a/.versionrc.json
+++ b/.versionrc.json
@@ -9,6 +9,6 @@
 {"type": "perf", "hidden": true},
 {"type": "test", "hidden": true}
 ],
- "commitUrlFormat": "https://github.com/secure-dashboards/openjs-security-program-standards/commit/{{hash}}",
- "compareUrlFormat": "https://github.com/secure-dashboards/openjs-security-program-standards/{{previousTag}}...{{currentTag}}"
+ "commitUrlFormat": "https://github.com/OpenPathfinder/website/commit/{{hash}}",
+ "compareUrlFormat": "https://github.com/OpenPathfinder/website/{{previousTag}}...{{currentTag}}"
 }
diff --git a/README.md b/README.md
index e95c288..fde7c43 100644
--- a/README.md
+++ b/README.md
@@ -43,8 +43,8 @@ Most of the content of this website is autogenerated with Github Actions, this i
 ### Update the compliance checks
-1. Go to [Actions: Sync and update Compliance Checks](https://github.com/secure-dashboards/openjs-security-program-standards/actions/workflows/sync_checks.yml) and run the action manually from the `main` branch. [how-to](https://docs.github.com/en/actions/managing-workflow-runs-and-deployments/managing-workflow-runs/manually-running-a-workflow)
-2. This will generate a PR with the title `[AUTO] Sync with dashboard database` and it will assign it to you ([direct access](https://github.com/secure-dashboards/openjs-security-program-standards/pulls?q=sort%3Aupdated-desc+is%3Apr+is%3Aopen++%5BAUTO%5D+Sync+with+dashboard+database+)). Please review the content and merge it when you feel ready.
+1. Go to [Actions: Sync and update Compliance Checks](https://github.com/OpenPathfinder/website/actions/workflows/sync_checks.yml) and run the action manually from the `main` branch. [how-to](https://docs.github.com/en/actions/managing-workflow-runs-and-deployments/managing-workflow-runs/manually-running-a-workflow)
+2. This will generate a PR with the title `[AUTO] Sync with dashboard database` and it will assign it to you ([direct access](https://github.com/OpenPathfinder/website/pulls?q=sort%3Aupdated-desc+is%3Apr+is%3Aopen++%5BAUTO%5D+Sync+with+dashboard+database+)). Please review the content and merge it when you feel ready.
 ### Manual update
@@ -59,7 +59,7 @@ This will autopolulate the details and implementations sections of the website,
 ### Improve the content via PR(s)
-If you want to enhance any page, you can do so as you would in any other project (via a Pull Request, [example](https://github.com/secure-dashboards/openjs-security-program-standards/pull/9)). However, please note certain rules, as some parts of the files are dynamically generated, and your changes could be overwritten.
+If you want to enhance any page, you can do so as you would in any other project (via a Pull Request, [example](https://github.com/OpenPathfinder/website/pull/9)). However, please note certain rules, as some parts of the files are dynamically generated, and your changes could be overwritten.
 **Rules**
 1. Metadata is added automatically. Manual additions or modifications to metadata are not allowed.
diff --git a/docusaurus.config.js b/docusaurus.config.js
index 3415aff..e4c9955 100644
--- a/docusaurus.config.js
+++ b/docusaurus.config.js
@@ -42,7 +42,7 @@ const config = {
 },
 items: [
 {
- href: 'https://github.com/secure-dashboards/openjs-security-program-standards',
+ href: 'https://github.com/OpenPathfinder/website',
 label: 'Repository',
 position: 'right'
 }
From b6f3353d1236918cedd01021fcb85f8667cf27ac Mon Sep 17 00:00:00 2001
From: Ulises Gascon
Date: Wed, 18 Dec 2024 21:11:30 +0100
Subject: [PATCH 3/3] feat: align with visionBoard scripts
---
 .github/workflows/sync_checks.yml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/sync_checks.yml b/.github/workflows/sync_checks.yml
index e3171e8..133a6a2 100644
--- a/.github/workflows/sync_checks.yml
+++ b/.github/workflows/sync_checks.yml
@@ -19,12 +19,12 @@ jobs:
 image: postgres:17.2
 env:
 POSTGRES_DB: dashboard
- POSTGRES_USER: openjs
+ POSTGRES_USER: visionBoard
 POSTGRES_PASSWORD: password
 ports:
 - 5432:5432
 options: >-
- --health-cmd="pg_isready -U openjs"
+ --health-cmd="pg_isready -U visionBoard"
 --health-interval=10s
 --health-timeout=5s
 --health-retries=5
@@ -38,20 +38,20 @@ jobs:
 git fetch origin chore/update-content || true
 git checkout chore/update-content || git checkout -b chore/update-content
- - name: Clone OpenJS Foundation Dashboard
+ - name: Clone visionBoard and import checks
 run: |
- git clone https://github.com/OpenPathfinder/visionBoard.git temp-openjs-dashboard
- cd temp-openjs-dashboard
+ git clone https://github.com/OpenPathfinder/visionBoard.git temp-visionBoard
+ cd temp-visionBoard
 npm install
 npm run db:migrate
 mkdir -p output
 npm run db:export-checks
 cp output/checks.json ../data/checks.json
 cd ..
- rm -rf temp-openjs-dashboard
+ rm -rf temp-visionBoard
 env:
 PGHOST: localhost
- PGUSER: openjs
+ PGUSER: visionBoard
 PGPASSWORD: password
 PGDATABASE: dashboard
@@ -65,7 +65,7 @@ jobs:
 git config user.name "GitHub Actions"
 git config user.email "actions@github.com"
 git add -A
- git diff --cached --quiet || git commit -m "chore: sync with OpenJS Foundation Dashboard"
+ git diff --cached --quiet || git commit -m "chore: sync with visionBoard Checks"
 - name: Install Dependencies and update dynamic content
 run: |
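Review bot: The `Clone visionBoard and import checks` step (second hunk, `-38,20`) clones the default branch of OpenPathfinder/visionBoard with no ref pinned and then runs `npm install` and two npm scripts from it, so whatever is at the tip of that repository executes inside a job that goes on to `git commit` into this one. Pinning the checkout, for example `git -C temp-visionBoard checkout <PINNED_COMMIT_SHA>` right after the clone, and swapping `npm install` for `npm ci` (assuming visionBoard ships a lockfile) would make each sync reproducible and reviewable. The same unpinned clone is already present in the sync_checks.yml hunk of PATCH 1/3, where the URL is switched. The job's `permissions` block and the push/PR steps are outside these hunks, so the token scope available to the cloned code cannot be judged from here; it is worth confirming it is limited to what the sync needs.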