docs: Provide clarity in policy titles #140
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit adopts the following in an attempt to provide clarity in policy titles and adopt some more standard RFC language. - Critical/High rules => Must - Medium/Low => Should Additionally, it updates some of the policy language to be more clear. Resolves: Legit-Labs#139 See Also: [RFC-2119](https://www.rfc-editor.org/rfc/rfc2119) See Also: [RFC-8174](https://www.rfc-editor.org/rfc/rfc8174)
👇 Click on the image for a new way to code review
Legend |
|
I'm not an expert on the Gitlab side, and I still think there's room for improvement with the language, so any feedback welcome. 😄 |
noamd-legit
reviewed
Feb 6, 2023
There was a problem hiding this comment.
Awesome work 🔥
Two general requests:
- Your editor changed the indentation of the files which causes OPA to fail loading the policies, this is why the pr checks fail
- I rather use only the "Should" notation since even HIGH severity policies could be ok under some circumstances
Yaml is particular and needs spaces after colons. It can be hard to track this down when it's in a comment block. It's even more difficult when you are new to go and don't realize that the docstrings are pulled from the compiled code and not the source on disk. Whoops...
|
I resolved the title comments. Once you change the Must's to Should's I'll merge it. Thank you for putting in the effort @derekmurawsky! |
Per the conversation in [this PR](Legit-Labs#140 (comment)) I changed instanced of `must` to `should` as all of this advice is guidance that may be followed or not at the discretion of the implementation teams that use this tool.
noamd-legit
approved these changes
Feb 8, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This commit adopts the following in an attempt to provide clarity in policy titles and adopt some more standard RFC language.
Additionally, it updates some of the policy language to be more clear.
Resolves: #139
See Also: RFC-2119
See Also: RFC-8174
What's being changed?
Is this PR related to an existing issue?
Check off the following: