[Makes] Create a model for criteria
Problem to solve
There are several sources being accessed by developers, therefore, a single source of truth is needed to make it easier to manipulate and use this data.
Intended users
Developers who need to use these models for their software.
User experience goal
The model will allow developers and analysts to have a single source of truth. This model will be used from different sites such as skims, integrates and docs.
Permissions and Security
We want data to be publicly exposed and available.
Proposal
We will use a programmatic language like yaml to describe the model in a way that can be accessed by many different applications.
What does success look like, and how can we measure that?
-
Investigate and select a tool for creating yaml schemas (supported by a vscode extension). -
There is a model for compliance. -
There is a model for requirements. -
There is a model for vulnerabilities. -
There are yaml linters running over the model. -
Compliance migrated. -
Requirements migrated. -
Vulnerabilities migrated. -
Docs is capable of auto-generating documentation using the model. -
Link requirements with compliance -
Link every vulnerability to at least 1 requirement -
Hide empty sections -
Organize sidebar by categories -
Render details on the website for the vulnerabilities that have this data: -
Support bidirectional references: vulns <-> reqs <-> standards
-
Support logos for compliance -
Modify introductions
Nice to have
-
./m docs start
identifies when the yaml files change, rebuilds the md files and shows the changes using hot reload (NOT POSSIBLE).
Links / references
Edited by Daniel Salazar