Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

content: refactor threat diagram and add overview #1057

Merged
merged 20 commits into from
Jun 5, 2024
Merged

content: refactor threat diagram and add overview #1057

merged 20 commits into from
Jun 5, 2024

Commits on May 13, 2024

  1. content: update supply chain diagram 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 13, 2024
    Configuration menu
    Copy the full SHA
    ea3c0fa View commit details
    Browse the repository at this point in the history

Commits on May 14, 2024

  1. rename A and I to be more inclusive 

    "(A) Untrustworthy producer": expands to not just malicious intent, but
also other things that reduce trust, such as lack of adequate security
controls.

"(I) Use of unintended package": expands to not just accidental use of
the "wrong" package, but also someone intentionally requesting a "wrong"
package, e.g. in a Kubernetes environment.

Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 14, 2024
    Configuration menu
    Copy the full SHA
    32d9cae View commit details
    Browse the repository at this point in the history

  2. add threat overview 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 14, 2024
    Configuration menu
    Copy the full SHA
    0bcb554 View commit details
    Browse the repository at this point in the history

  3. Merge branch 'main' into diagram-new-threats 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 14, 2024
    Configuration menu
    Copy the full SHA
    e6f3267 View commit details
    Browse the repository at this point in the history

Commits on May 16, 2024

  1. add new threat Z for lack of visibility 

    Signed-off-by: Mark Lodato <lodato@google.com>

rename Z to "visibility" and hide from ! version

Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 16, 2024
    Configuration menu
    Copy the full SHA
    51594ea View commit details
    Browse the repository at this point in the history

Commits on May 17, 2024

  1. update text 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 17, 2024
    Configuration menu
    Copy the full SHA
    efa23c4 View commit details
    Browse the repository at this point in the history

Commits on May 29, 2024

  1. update overview 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 29, 2024
    Configuration menu
    Copy the full SHA
    d3242d6 View commit details
    Browse the repository at this point in the history

Commits on May 30, 2024

  1. diagram: A-H, no J or Z, move arrow 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 30, 2024
    Configuration menu
    Copy the full SHA
    ba4ded3 View commit details
    Browse the repository at this point in the history

  2. diagram: re-add I, update labels, revert verification 

    For now revert the verification diagram since it's not yet updated.

Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 30, 2024
    Configuration menu
    Copy the full SHA
    18ceba2 View commit details
    Browse the repository at this point in the history

  3. update text and diagram, add todo 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 30, 2024
    Configuration menu
    Copy the full SHA
    353c4ad View commit details
    Browse the repository at this point in the history

  4. fix svg path, add usage threats 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 30, 2024
    Configuration menu
    Copy the full SHA
    2eb1713 View commit details
    Browse the repository at this point in the history

  5. add avail todo 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 30, 2024
    Configuration menu
    Copy the full SHA
    84cf3d4 View commit details
    Browse the repository at this point in the history

  6. lint 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 30, 2024
    Configuration menu
    Copy the full SHA
    984f8dd View commit details
    Browse the repository at this point in the history

  7. update build verification diagram + figma file 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed May 30, 2024
    Configuration menu
    Copy the full SHA
    95184d3 View commit details
    Browse the repository at this point in the history

Commits on Jun 3, 2024

  1. fix typos, add TODO about "out of scope" 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed Jun 3, 2024
    Configuration menu
    Copy the full SHA
    3a05a18 View commit details
    Browse the repository at this point in the history

Commits on Jun 4, 2024

  1. address feedback by Marcela 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed Jun 4, 2024
    Configuration menu
    Copy the full SHA
    c3f63de View commit details
    Browse the repository at this point in the history

  2. fix typo (teh) and rephrase 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed Jun 4, 2024
    Configuration menu
    Copy the full SHA
    d2ce5b7 View commit details
    Browse the repository at this point in the history

Commits on Jun 5, 2024

  1. "uses parameters" to "changes" 

    Co-authored-by: Marcela Melara <marcela.melara@intel.com>
Signed-off-by: Mark Lodato <lodatom@gmail.com>
    @MarkLodato @marcelamelara
    MarkLodato and marcelamelara committed Jun 5, 2024
    Configuration menu
    Copy the full SHA
    0273374 View commit details
    Browse the repository at this point in the history

  2. is -> it 

    Co-authored-by: Marcela Melara <marcela.melara@intel.com>
Signed-off-by: Mark Lodato <lodatom@gmail.com>
    @MarkLodato @marcelamelara
    MarkLodato and marcelamelara committed Jun 5, 2024
    Configuration menu
    Copy the full SHA
    5fadb0f View commit details
    Browse the repository at this point in the history

  3. moved TODO about a vs b 

    Signed-off-by: Mark Lodato <lodato@google.com>
    @MarkLodato
    MarkLodato committed Jun 5, 2024
    Configuration menu
    Copy the full SHA
    8a0d8f8 View commit details
    Browse the repository at this point in the history