New folder MAGERIT with Threats and Safeguards Catalogue #1502
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: Mohamed-Hacene <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Abderrahmane Smimite <[email protected]>
…atures (intuitem#1446) * refactor project -> perimeter * ruff+perttier * fix pytest failing * update migrations * ruff * Use migrations.RenameField to preserve existing links with projects * Revert testInfo.perimeter to testInfo.project * Close first connection modal if it opens * Fix translations * remove redundant lines * Update ar.json prettier * Remove useless translation ChatGPT hallucinated solution would probably not work anyway --------- Co-authored-by: Abder <[email protected]> Co-authored-by: Nassim Tabchiche <[email protected]>
…view (intuitem#1401) * make score read only in entity assessment questionnaire * code format * changed format with progress radial and corrected UX on observation/evidences * evidence from classic table fixed, align score on left , -- instead of 0 for score * remove duplicate message * style: refactor code organization and table mode shallow display * fix: id's duplication --------- Co-authored-by: Mohamed-Hacene <[email protected]>
…item#1473) * Submit risk scenario update form after creating applied control * Avoid reset of risk scenario fields when creating an applied control * chore: clean imports and TextField cachedValue prop * chore: remove debug log --------- Co-authored-by: Mohamed-Hacene <[email protected]>
* fix: avoid response 500 when attachment missing this is a first attempt, might not be the best for now * fix: blob.text() too much call + error message only displayed * fix: few fix for merge * Localize missing attachment file in french --------- Co-authored-by: Nassim Tabchiche <[email protected]>
* feat(test): add serdes/utils.py unit tests * chore: run format
* Update data-model.md Add exception object. Remove useless "asset compliance" object. * Update data-model.md add expiration for exceptions * Update data-model.md Improve model * rename to security exception add approver trivial workflow * chore: small adjustments * chore: typo * chore: re-add asset compliance * chore: typo --------- Co-authored-by: Mohamed-Hacene <[email protected]>
…ntuitem#1489) This fixes a chain of client-side errors on the applied controls form. The error did not affect the good functioning of the form, but was unclean.
…m#1487) * refactor: move post-form validation logic to onUpdatedEvent This aims to centralize all post-valid behaviours, e.g. redirects, closing modals... * Make applied_controls and requirement_assessments fields optional on EvidenceWriteSerializer * Keep invalidateAll value as specified in the prop * chore: remove debug logs --------- Co-authored-by: Mohamed-Hacene <[email protected]>
* feat: fetch options in AutocompleteSelect instead of load function * style: add spinner during AutocompleteSelect loading * chore: format * chore: remove checkConstraints in page.svelte * feat: check constraints inside AutocompleteSelect * feat: globalize AutocompleteSelect fetching * chore: format * chore: cleaning useles foreignKey fetches and old missing constraints logic * fix: typo in ThreatForm optionsEndpoint * fix: use optionsLabel str for risk assessment field in scenario form * feat: add optionsLabelField auto for assets threats and feared events * feat: sort options to put suggestions first * chore: add missing indent * chore: remove unused getOptions * chore: give default values to avoid warnings in frameworks detailed view * feat: add entity assessment folder extra label for perimeter field * chore: nitpicking * feat: add detailed url parameters in AutocompleteSelect fetchOptions * feat: exclude self from options for parent assets and folder * feat: refresh AutocompleteSelect when applied control/evidence is created inside requirement assessment * chore: format front * chore: remove useless foreignKeys fetch in risk assessment page * chore: remove the latest foreignKeys fetches on server side
* fix: check only major and minor version when loading data * Put version checking logic in a util function * Write unit tests for version checking logic * Improve error handling * chore: remove unused import * Chain exceptions * Serialize schema version in dumps * Use schema_version by default to check backup schema compatibility * Switch from json to python meta config file * chore: ruff format * Update unit tests * chore: Remove unused import * Remove unused constant * Put schema version comparison in a util function * Write tests for schema version comparison * chore: fix typo * Assert against VersionFormatError instead of bare Exception * Fix schema version comparison
…ackedBarsNormalized with selected implementation groups (intuitem#1493) * fix: AutompleteSelect when options is already filled * chore: format * fix: selected implementation groups in analytics summary StackedBarsNormalized
* feat: fetch options in AutocompleteSelect instead of load function * style: add spinner during AutocompleteSelect loading * chore: format * chore: remove checkConstraints in page.svelte * feat: check constraints inside AutocompleteSelect * feat: globalize AutocompleteSelect fetching * chore: format * chore: cleaning useles foreignKey fetches and old missing constraints logic * fix: typo in ThreatForm optionsEndpoint * fix: use optionsLabel str for risk assessment field in scenario form * feat: add optionsLabelField auto for assets threats and feared events * feat: sort options to put suggestions first * chore: add missing indent * chore: remove unused getOptions * chore: give default values to avoid warnings in frameworks detailed view * feat: add entity assessment folder extra label for perimeter field * chore: nitpicking * feat: add detailed url parameters in AutocompleteSelect fetchOptions * feat: exclude self from options for parent assets and folder * feat: refresh AutocompleteSelect when applied control/evidence is created inside requirement assessment * chore: format front * chore: remove useless foreignKeys fetch in risk assessment page * chore: remove the latest foreignKeys fetches on server side * Improve performance - optimize get_accessible_object_ids by first calculating the folders that match, and only then retrieving (optimally) the objects from these folders. This should be way more scalable. - use scope_folder_id parameter to scope the retrieved objects * prettier/ruff * Fix regression special case of folder for get_accessible_object_ids * fix published objects not visible --------- Co-authored-by: Mohamed-Hacene <[email protected]>
test: lowercase functional test data email
* Add data-testid on RowCount component * Write simple non regression test for domain import * Fix regression in domain import form * Set backend version and build in e2e tests script Large diff due to formatting * Add debug log for uploaded file path * Tidy tests * Add error handling for cd command Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * Add version and build to functional tests workflow * Include schema version in dummy fixture --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
…intuitem#1477) * test: write functional tests for backup restore * Add version and build environment variables to functional test workflows * Unzip json dump to check its content * Attempt to get the right version in Actions workflows * Restore database from in-memory json dump on load_backup failure * Remove leftover debug statement * Add error handling for schema version conversion
docs: Remove outdated git hooks section from README
* feat(backend): add exception object * fix(backend): typos * feat(backend): add severity display in Exception serializer * feat(frontend): add Exception crud * feat: add exeption field in related objects * chore: run format * fix: exception creation from list view * feat: add migration * chore: format migration * fix: add max_length for models.CharField * feat(locale): add exception fr translations * fix(locale): add missing owners translation * fix: remove requirement_assessments field from ExceptionReadSerializer * feat: update Exception icon * chore: add simple quotes * rename exception->security_exception * fix casing * add default value * rename exceptionsToReview to acceptancesToReview This will avoid ambiguïty * Update 0052_securityexception_appliedcontrol_security_exceptions_and_more.py ruff prettier * fix _/- errors * add boolean to disable double-dash addition Using zod to have both default and required does not work (which is consistent), so this is a simple solution. * Update SecurityExceptionForm.svelte prettier * fix -/_ mismatch * feat: add approver field * chore: adapt security exceptions AutocompleteSelect forms * chore: run format * feat: use crud.ts reverseForeignKeys without add and delete buttons * feat: add security exceptions filters --------- Co-authored-by: Mohamed-Hacene <[email protected]>
* Create questionnaires folder And readme.txt file * Risk_Management_Supply_Chain_Questionnaire New questionnaire for Supply Chain.
Creation of MAGERIT folder.
WalkthroughThe update adds two new lines to the Changes
Suggested reviewers
Poem
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
tools/MAGERIT/MAGERIT_catalogo_de_amenazas_y_salvaguardas.xlsxis excluded by!**/*.xlsx
📒 Files selected for processing (1)
tools/MAGERIT/README.txt(1 hunks)
🧰 Additional context used
🪛 LanguageTool
tools/MAGERIT/README.txt
[uncategorized] ~1-~1: Probablemente hay un error. Considere aplicar la sugerencia.
Context: ...lvaguardas.xlsx contiene el Catálogo de amenzas y salvaguardas definido en la metodolog...
(AI_ES_GGEC_REPLACEMENT_ORTHOGRAPHY_SPELLING)
⏰ Context from checks skipped due to timeout of 90000ms (2)
- GitHub Check: functional-tests (3.12, chromium)
- GitHub Check: enterprise-functional-tests (3.12, chromium)
🔇 Additional comments (1)
tools/MAGERIT/README.txt (1)
3-3: English Description Looks Good.The English description on line 3 clearly explains the purpose of the XLSX file, including methodology details and the download URL.
tools/MAGERIT/README.txt
Outdated
| @@ -0,0 +1,3 @@ | |||
| El fichero MAGERIT_catalogo_de_amenazas_y_salvaguardas.xlsx contiene el Catálogo de amenzas y salvaguardas definido en la metodología MAGERIT v3.0. Libro II - Catálogo de Elementos. URL: https://administracionelectronica.gob.es/ctt/magerit/descargas | |||
There was a problem hiding this comment.
Spelling Correction in Spanish Description.
There is a typographical error on line 1: the word “amenzas” should be corrected to “amenazas” to align with the file name and standard spelling in Spanish.
- El fichero MAGERIT_catalogo_de_amenazas_y_salvaguardas.xlsx contiene el Catálogo de amenzas y salvaguardas definido en la metodología MAGERIT v3.0. Libro II - Catálogo de Elementos. URL: https://administracionelectronica.gob.es/ctt/magerit/descargas
+ El fichero MAGERIT_catalogo_de_amenazas_y_salvaguardas.xlsx contiene el Catálogo de amenazas y salvaguardas definido en la metodología MAGERIT v3.0. Libro II - Catálogo de Elementos. URL: https://administracionelectronica.gob.es/ctt/magerit/descargas📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| El fichero MAGERIT_catalogo_de_amenazas_y_salvaguardas.xlsx contiene el Catálogo de amenzas y salvaguardas definido en la metodología MAGERIT v3.0. Libro II - Catálogo de Elementos. URL: https://administracionelectronica.gob.es/ctt/magerit/descargas | |
| El fichero MAGERIT_catalogo_de_amenazas_y_salvaguardas.xlsx contiene el Catálogo de amenazas y salvaguardas definido en la metodología MAGERIT v3.0. Libro II - Catálogo de Elementos. URL: https://administracionelectronica.gob.es/ctt/magerit/descargas |
🧰 Tools
🪛 LanguageTool
[uncategorized] ~1-~1: Probablemente hay un error. Considere aplicar la sugerencia.
Context: ...lvaguardas.xlsx contiene el Catálogo de amenzas y salvaguardas definido en la metodolog...
(AI_ES_GGEC_REPLACEMENT_ORTHOGRAPHY_SPELLING)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This folder contains the file with the Threats and Safeguards Catalogue defined in the MAGERIT v3.0 methodology.
Summary by CodeRabbit