Remove the version number from the control IDs in the Rego for maintainability.
Motivation and context
The Rego currently references the baseline controls by their full ID, including the version number. For example:
.
However, the inclusion of the version number makes it challenging to maintain consistency, as the version number is repeated again and again throughout the files. For example, consider https://github.com/cisagov/ScubaGoggles/pull/303, with 101 files changed, just to bump the version number.
Furthermore, moving forward, eventually changing the version numbers will not be a matter of a simple find and replace, as after the 1.0 release, the version numbers for the controls will be independent of each other.
Finally, having the version number listed in the Rego code doesn't really add anything.
Implementation notes
Please provide details for implementation, such as:
an example for how this would be used
what this would look like
how this would act
any related work, including links to related issues
Acceptance criteria
As a proof of concept, I removed the version numbers from the Sites Rego, like so:
Then modified md_parser.py like so:
And finally modified reporter.py like so:
Worked like a charm:
How do we know when this work is done?
[ ] The version numbers are removed from the Rego
[ ] The HTML report still looks as expected
[ ] The json version of the report still looks as expected
💡 Summary
Remove the version number from the control IDs in the Rego for maintainability.
Motivation and context
The Rego currently references the baseline controls by their full ID, including the version number. For example:
.
However, the inclusion of the version number makes it challenging to maintain consistency, as the version number is repeated again and again throughout the files. For example, consider https://github.com/cisagov/ScubaGoggles/pull/303, with 101 files changed, just to bump the version number.
Furthermore, moving forward, eventually changing the version numbers will not be a matter of a simple find and replace, as after the 1.0 release, the version numbers for the controls will be independent of each other.
Finally, having the version number listed in the Rego code doesn't really add anything.
Implementation notes
Please provide details for implementation, such as:
Acceptance criteria
As a proof of concept, I removed the version numbers from the Sites Rego, like so:
Then modified md_parser.py like so:
And finally modified reporter.py like so:
Worked like a charm:
How do we know when this work is done?