Add security-sensitivity-level-matches-security-impact-level #786

@DimitriZhurkin DimitriZhurkin commented Oct 17, 2024

Committer Notes

Add the security-sensitivity-level-matches-security-impact-level constraint.

Note: Tested rigorously with various combinations of security-sensitivity-level and security-impact-level values.

All Submissions:

  • Have you selected the correct base branch per Contributing guidance?
  • Have you set "Allow edits and access to secrets by maintainers"?
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?
  • Have you squashed any non-relevant commits and commit messages? [instructions]
  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • If applicable, have all FedRAMP Documents Related to OSCAL Adoption affected by the changes in this issue been updated? Already addressed in automate.fedramp.gov docs; see help-url in constraint.
  • If applicable, does this PR reference the issue it addresses and explain how it addresses the issue?

By submitting a pull request, you are agreeing to provide this contribution under the CC0 1.0 Universal public domain dedication.

@DimitriZhurkin DimitriZhurkin requested a review from a team as a code owner October 17, 2024 14:27
wandmagic previously approved these changes Oct 17, 2024
Collaborator

@wandmagic wandmagic left a comment

looks good!
nice if / then usage

Gabeblis previously approved these changes Oct 21, 2024

@Gabeblis Gabeblis left a comment

Looks good! Just a non-blocking question about where this fits into the style guide.

@DimitriZhurkin DimitriZhurkin requested a review from a team as a code owner October 21, 2024 15:35
aj-stein-gsa previously approved these changes Oct 21, 2024
Member

@Rene2mt Rene2mt left a comment

PR looks great. One blocking request to make a minor update to the message.

Contributor

@aj-stein-gsa aj-stein-gsa left a comment

I guess I should learn to review my own notes and remember our previous conversations, happy to approve a second time with a now even more correct version. Thanks to all of you.

@Gabeblis Gabeblis left a comment

This looks good, we're just lacking proper documentation on this constraint.

@Gabeblis Gabeblis left a comment

Awesome work.

@aj-stein-gsa aj-stein-gsa merged commit 41d76e9 into GSA:develop Oct 24, 2024
5 checks passed
brian-ruf pushed a commit to brian-ruf/fedramp-automation that referenced this pull request Nov 8, 2024
* Add security-sensitivity-level-matches-security-impact-level

* Modify the message wording

* In the message, change MUST to SHOULD
This was referenced Nov 13, 2024
5 participants