Skip to content

Releases: OpenPathfinder/website

2.0.0

08 Dec 19:35
@UlisesGascon UlisesGascon
2.0.0
5d511c3
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.0 Latest
Latest

What's Changed

⚠️ BREAKING CHANGES ⚠️

In the version 1.x we extracted the data from the spreadsheet and convert it a json file to generate the details and the implementation groups. Currently, since 2.x we moved away from this and we directly use the compliance_checks table from the dashboard.

We keep the same approach of collecting the data as a json and then generate all the files dynamically. All the process now is done with a GitHub action:

Update the compliance checks

  1. Go to Actions: Sync and update Compliance Checks and run the action manually from the main branch. how-to
  2. This will generate a PR with the title [AUTO] Sync with dashboard database and it will assign it to you (direct access). Please review the content and merge it when you feel ready.

Notable Changes

Data Source migration
Removed legacy script that converted html data into json (entities extraction). This include jsdom dependency (65bb52f), the script itself (208f848) and the npm command npm run extract-standards (5b8044e)

  • The population scripts populate-details (bec24b1) and populate-implementations (5703528) are now using the new data source (dashboard database dump)
  • The detatils files now include more information, also some minor bugs were solved (5550e40)

Add Manual Annotations to Dynamic Content

Added the ability to combine dynamic content with manual annotations in the details (09d66e1) and implementations (8f37303) files.

Dynamic content is managed by the @ulisesgascon/text-tags-manager package, a core dependency of this project (016063b). Tags within these files are automatically updated or inserted whenever a new detail or implementation is added (49ba99c).

For example, the githubOrgMFA implementation has been updated to include manual annotations (revert b216d3c), restoring annotations that were previously removed (8460de4).

To support this change, the documentation has been updated (cc83c54) with clear instructions on working with dynamic content and tags. The updated section is as follows:

Improve the content via PR(s)

If you want to enhance any page, you can do so as you would in any other project (via a Pull Request, example). However, please note certain rules, as some parts of the files are dynamically generated, and your changes could be overwritten.

Rules

  1. Metadata is added automatically. Manual additions or modifications to metadata are not allowed.
  2. You can contribute any content to any file, but avoid making changes within the sections enclosed by specific tags, as these sections are dynamically >generated. For example: 
    OK
<!-- DESCRIPTION:START -->
AVOID (AUTOMATED)
<!-- DESCRIPTION:END -->
OK

Other changes

  • Add evaluation criteria for githubOrgMFA compliance check
  • Improve documentation and update the content with all the changes

PRs

  • Add evaluation criteria for githubOrgMFA by @UlisesGascon in #9
  • Add pipeline to sync the checks from the dashboard db by @UlisesGascon in #10
  • [AUTO] Sync with dashboard database by @github-actions in #12
  • [AUTO] Sync with dashboard database by @github-actions in #13
  • Update instructions to update the compliance checks data by @UlisesGascon in #14
  • Remove extract-standards script and dependencies by @UlisesGascon in #15
  • Migrate scripts to new data source by @UlisesGascon in #16
  • Minor improvements by @UlisesGascon in #17
  • Add Manual Annotations to Dynamic Content by @UlisesGascon in #18

New Contributors

  • @github-actions made their first contribution in #12

Changelog

Full Changelog: 1.0.0...2.0.0

Contributors

UlisesGascon
Assets 2
Loading

1.0.0

03 Dec 16:00
@UlisesGascon UlisesGascon
1.0.0
57b83e9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
1.0.0

Main Changes

BREAKING CHANGES

  • Improve templates and urls using title and slugs (ac8d2fc)

Content update (scripts)

Other changes

  • Update the project repository url after the GitHub org migration (260fcb2)
  • Improve development documentation (c840d45)

Screenshots

Item detail

  • Use the new slugs for urls (breaking change)
  • Use titles and not ID(s) references
    Screenshot from 2024-12-03 16-12-56

Implementation detail

  • Use the new slugs for urls (breaking change)
  • Use the title and not the description
    Screenshot from 2024-12-03 16-13-20

Changelog

Full Changelog: 0.1.0...1.0.0

Assets 2
Loading

0.1.0

03 Dec 11:56
@UlisesGascon UlisesGascon
0.1.0
02040c1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
0.1.0

What's Changed

New Contributors

Full Changelog: https://github.com/secure-dashboards/openjs-security-program-standards/commits/0.1.0

Contributors

UlisesGascon
Assets 2
Loading