From 6a75270942775659fe0b2720be137c8e38ed545c Mon Sep 17 00:00:00 2001 From: Timo Pagel Date: Mon, 17 Oct 2022 15:56:36 +0200 Subject: [PATCH 1/2] add browser's storage --- README.md | 6 +++++- .../circular-heatmap/circular-heatmap.component.ts | 13 +++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 6f73deb14..89709f5a2 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ Attackers are intelligent and creative, equipped with new technologies and purpo # Usage -Go to https://dsomm.timo-pagel.de or clone [this repository](https://github.com/wurstbrot/DevSecOps-MaturityModel/) and run `startDocker.bash`. +Go to https://dsomm.timo-pagel.de. * _matrix_ shows the dimensions, subdimensions and activities are described. * _Implementation Levels_ can be used to measure the current implementation level by clicking on the specific activities which have been performed. @@ -24,6 +24,8 @@ In this [video](https://www.youtube.com/watch?v=tX9RHZ_O5NU) Timo Pagel describe In case you have evidence or review questions to gather evidence, you can add the attribute "evidence" to an activity which will be attached to an activity to provide it to your CISO or your customer's CISO. You can switch on to show open TODO's for evidence by changing IS_SHOW_EVIDENCE_TODO to true 'bib.php' `define(IS_SHOW_EVIDENCE_TODO, true);` +This page uses the Browser's localStorage to store the state of the circular headmap. + # Community Code Freeze: Currently, with the Google Summer student Aryan Prasad we develop a new Angular frontend version, therefore, we do not accept any code changes right now. 
@@ -63,6 +65,8 @@ In case you would like to perform a DevSecOps assessment, the following tools ar For customized DSOMM, take a look at https://github.com/wurstbrot/DevSecOps-MaturityModel-custom. In case you would like to have perform an assessment for multiple teams, iterate from port 8080 to 8XXX, depending of the size of your team. +You can download your current state from the circular headmap and mount it again via `docker run -p 8080:8080 -v /tmp/generated.yaml:/app/assets/YAML/generated/generated.yaml wurstbrot/dsomm:latest`. + This approach also allows teams to perform self assessment with changes tracked in a repository. diff --git a/src/app/component/circular-heatmap/circular-heatmap.component.ts b/src/app/component/circular-heatmap/circular-heatmap.component.ts index cbcc86a00..0b734bf92 100644 --- a/src/app/component/circular-heatmap/circular-heatmap.component.ts +++ b/src/app/component/circular-heatmap/circular-heatmap.component.ts @@ -124,6 +124,7 @@ export class CircularHeatmapComponent implements OnInit { } } //console.log(this.ALL_CARD_DATA); + this.loadState(); this.loadCircularHeatMap( this.ALL_CARD_DATA, '#chart', @@ -194,6 +195,7 @@ export class CircularHeatmapComponent implements OnInit { ).attr('fill', function (p) { return color(_self.ALL_CARD_DATA[index]['Done%']); }); + this.saveState(); } loadCircularHeatMap( @@ -593,5 +595,16 @@ export class CircularHeatmapComponent implements OnInit { ).attr('fill', 'white'); } } + this.saveState(); + } + + saveState() { + localStorage.setItem('dataset', JSON.stringify(this.ALL_CARD_DATA)); + } + loadState() { + var content = localStorage.getItem('dataset'); + if (content != null) { + this.ALL_CARD_DATA = JSON.parse(content); + } } } From c3c8469af1d0da028ab32d4de9883e32c8f10048 Mon Sep 17 00:00:00 2001 From: Timo Pagel Date: Mon, 17 Oct 2022 16:16:19 +0200 Subject: [PATCH 2/2] add pull --- README.md | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) 
diff --git a/README.md b/README.md index 89709f5a2..96125188a 100644 --- a/README.md +++ b/README.md @@ -59,7 +59,7 @@ In case you would like to perform a DevSecOps assessment, the following tools ar ## Container 1. Install [Docker](https://www.docker.com) -2. Run `docker run --rm -p 8080:8080 wurstbrot/dsomm:latest` +2. Run `docker pull wurstbrot/dsomm:latest && docker run --rm -p 8080:8080 wurstbrot/dsomm:latest` 3. Browse to (on macOS and Windows browse to if you are using docker-machine instead of the native docker installation) @@ -88,14 +88,6 @@ service docker start docker run -d -p 80:8080 wurstbrot/dsomm:latest ``` -## Tests - -To run basic tests just - -```bash -docker-compose -f docker-compose.dev.yaml up test-php -``` - # Credits * The dimension _Test and Verification_ is based on Christian Schneiders [Security DevOps Maturity Model (SDOMM)](https://www.christian-schneider.net/SecurityDevOpsMaturityModel.html). _Application tests_ and _Infrastructure tests_ are added by Timo Pagel. Also, the sub-dimension _Static depth_ has been evaluated by security experts at [OWASP Stammtisch Hamburg](https://www.owasp.org/index.php/OWASP_German_Chapter_Stammtisch_Initiative/Hamburg).
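Review bot: In PATCH 1/2, README.md hunk `@@ -24,6 +24,8 @@`, the added sentence misspells the feature as "circular headmap" (the component is `circular-heatmap`) and does not tell the reader what is stored or how to reset it. Suggest naming the localStorage key (`dataset`, per `saveState()`) and stating that clearing the site data for the origin resets the assessment, since `loadState()` restores whatever is stored there on the next visit.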
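Review bot: In PATCH 1/2, README.md hunk `@@ -63,6 +65,8 @@`, the documented bind mount `-v /tmp/generated.yaml:/app/assets/YAML/generated/generated.yaml` is writable from the container and reads from `/tmp`, which on a shared host any local user can write to. Suggest appending `:ro` to the mount and pointing the example at a directory owned by the user running the assessment. The same "headmap" typo appears here as well.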
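Review bot: In PATCH 1/2, circular-heatmap.component.ts hunk `@@ -124,6 +124,7 @@`, `this.loadState()` runs after `ALL_CARD_DATA` has been built and replaces it wholesale whenever a `dataset` entry exists. As far as the visible context shows, a browser with an older stored copy will keep rendering that copy, so activities added to the model later, or a `generated.yaml` mounted as the README now describes, never appear until the user clears storage. Suggest merging only the per-activity state into the freshly loaded data, or storing a model version next to the dataset and discarding the stored copy when it does not match.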
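Review bot: In PATCH 1/2, circular-heatmap.component.ts hunk `@@ -593,5 +595,16 @@`, `loadState()` passes the stored string straight to `JSON.parse` and assigns the result to `ALL_CARD_DATA` with no error handling and no shape check. A truncated or hand-edited `dataset` value throws during initialisation, and a value that parses but is not the expected array of cards is handed to the rendering code that indexes `ALL_CARD_DATA[index]['Done%']`. Suggest wrapping the parse in try/catch, verifying the result is an array with the expected fields before assigning, and removing the key when it fails. `localStorage.setItem` in `saveState()` can also throw when storage is full or disabled, so it should be guarded too, and `var content` should be `const`.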
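Review bot: In PATCH 2/2, README.md hunk `@@ -59,7 +59,7 @@`, the new step `docker pull wurstbrot/dsomm:latest && docker run --rm -p 8080:8080 wurstbrot/dsomm:latest` makes every run fetch whatever `latest` points to at that moment, so two teams following the same instructions can end up on different images and nobody can tell afterwards which one was assessed. Suggest documenting a release tag or an image digest (`wurstbrot/dsomm@sha256:<digest>`) as the recommended form and keeping `latest` as the quick-start variant only.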
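Review bot: In PATCH 2/2, README.md hunk `@@ -88,14 +88,6 @@`, the whole "Tests" section with `docker-compose -f docker-compose.dev.yaml up test-php` is deleted, but the commit subject "add pull" does not mention it and no replacement instruction is added. If the PHP test target is obsolete after the Angular frontend change, say so in the commit message and document how the new frontend is tested. Otherwise, keep the section.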