Create stable/versioned URI references to SAMM entitities

[Pat-Duarte]

Raised by Roberto Polli in Slack https://owasp.slack.com/archives/C01EQUM5TGS/p1617837141004300: Hi there! I'm trying to reference SAMM entities (activities & Co) into #dsomm yaml files. I thought there were URIs but I just found that the repo provides yaml files, eg. https://github.com/OWASP/samm/blob/master/Supporting%20Resources/v2.0/Datamodel/Datafiles/Activity%20D-SA-1-A.yml Are those files consolidated? Is there a way to map them to stable/versioned URIs? Thanks for your time, R cc: @wurstbrot

History from old repo: @SebaDele opened this issue on Apr 10, 2021 @ioggstream commented on Jul 14 Any news?

[SebaDele]

this is linked to the user friendly IDs and external direct URLs at the Boston Summit

[wurstbrot]

Hi @Pat-Duarte and @SebaDele ,

thank you for your question. I do need/want to have IDs for DSOMM activities? Do you have time expectations?

Kind regards Timo

[ioggstream]

In DSOMM I am currently converting ids in SAMM URLs, see https://par-tec.github.io/security-ontologies/onto/dsomm/#https://owasp.org/www-project-devsecops-maturity-model/APatchPolicyIsDefined

[Pat-Duarte]

A direct URL for activities already exists, btw. For example: https://owaspsamm.org/model/governance/strategy-and-metrics/stream-b/#maturity2

[ioggstream]

Thanks Pat. The point is that this URL is different from the identifier provided in the YAML DSOMM files.

[SebaDele]

merge with the API issue?