octool 0.0.7 → 0.0.8

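--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz: 6fecd506f9519e5dea7be955335b43359dc1cf4b9b1f996410c952ec72384471
-data.tar.gz: f841b91bd3e05d74a1dd90c634a9274119870bdb8698ac2c19685dd727ee6f06
+metadata.gz: ed9a9d64af06f7c36bf6559eab5919e7b5488ec5a265830d757967dc60784b28
+data.tar.gz: 0b71a16cd55225d995f0f1ff31c24517900726fe6e9a70a9ae54fa6b93b770fb
 SHA512:
-metadata.gz: 725f37921c2943422622aad442451cf7178edd98b3f23f02ebcc27030f498290689711345a40baa160bc3054929cac00e1e2f2ff8a39cf0db6de75014a9cd324
-data.tar.gz: 68e8b51a7784db9cb243caae5122faf05dfdcbb05b822b69b9afed5fff58fd857a93606d8adf7c5b62457642b6d6df30b4a5db2dd3f2e480f08905d6ccd36fb7
+metadata.gz: 338981986492cd44db6b36844f833865b5ed8966c332a74ed313d12650d00fe0f8d14dccd8db04bf0421adf305619a97bc3a5f17a0ff2ee400537c087f2d7895
+data.tar.gz: 634d4943387eae05d72ab887c7e555fcb0c119ce5a0cec02ae855dc42cdba95f46a1a553c541b388e7c6e5f0edf141c3ade05870e6e510938426535f9e0ec2f5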
@@ -53,6 +53,9 @@ module OCTool
53
53
  toc_depth 3
54
54
  number_sections
55
55
  highlight_style 'pygments'
56
+ # https://en.wikibooks.org/wiki/LaTeX/Source_Code_Listings#Encoding_issue
57
+ # Uncomment the following line after the "listings" package is compatible with utf8
58
+ # listings
56
59
  end
57
60
  output = converter << File.read(md_path)
58
61
  File.new(out_path, 'wb').write(output)
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module OCTool
4
- VERSION = '0.0.7'
4
+ VERSION = '0.0.8'
5
5
  end
@@ -1,6 +1,6 @@
1
1
  == octool - Open Compliance Tool
2
2
 
3
- v0.0.7
3
+ v0.0.8
4
4
 
5
5
  === Global Options
6
6
  === --help
@@ -52,17 +52,61 @@ geometry:
52
52
  - left=2cm
53
53
  - right=2cm
54
54
  - bottom=2cm
55
+
56
+ header-includes:
57
+ - |
58
+ ```{=latex}
59
+ % https://github.com/jgm/pandoc/wiki/Pandoc-Tricks#left-aligning-tables-in-latex
60
+ \usepackage[margins=raggedright]{floatrow}
61
+ ```
62
+ - |
63
+ ```{=latex}
64
+ % https://github.com/jgm/pandoc/wiki/Pandoc-Tricks#definition-list-terms-on-their-own-line-in-latex
65
+ % "Clone" the original \item command
66
+ \let\originalitem\item
67
+
68
+ % Redefine the \item command using the "clone"
69
+ \makeatletter
70
+ \renewcommand{\item}[1][\@nil]{%
71
+ \def\tmp{#1}%
72
+ \ifx\tmp\@nnil\originalitem\else\originalitem[#1]\hfill\par\fi}
73
+ \makeatother
74
+ ```
75
+ - |
76
+ ```{=latex}
77
+ % The are at least two ways to configure how LaTeX floats figures.
78
+ %
79
+ % 1. One approach is described in section 17.2 of
80
+ % http://tug.ctan.org/tex-archive/info/epslatex/english/epslatex.pdf
81
+ % However, the approach described there requires to teach people
82
+ % how to write LaTeX cross-references in markdown.
83
+ %
84
+ % 2. Force figures, listings, etc., to float "[H]ere".
85
+ % This is a LaTeX anti-pattern because it causes large gaps of whitespace on some pages.
86
+ % This approach avoids having to teach people to create LaTeX cross-references.
87
+ % https://tex.stackexchange.com/a/101726
88
+ %
89
+ % Use option 2.
90
+ \usepackage{float}
91
+ \floatplacement{figure}{H}
92
+ ```
55
93
  ---
56
94
 
57
- # <%= @system.config['name'] %>
95
+ # Introduction
58
96
 
59
- ## Overview
97
+ ## About this document
98
+
99
+ A System Security Plan (SSP) is a document to describe security controls in use
100
+ on an information system and their implementation. An SSP provides:
101
+
102
+ - Narrative of security control implementation
103
+ - Description of components and services
104
+ - System data flows and authorization boundaries
60
105
 
61
- <%= @system.config['overview'] %>
62
106
 
63
107
  ## Standards
64
108
 
65
- This System Security Plan (SSP) addresses these standards:
109
+ This SSP draws from these standards:
66
110
 
67
111
  <% @system.standards.each do |s| -%>
68
112
  - <%= s['name'] %>
@@ -71,6 +115,32 @@ This System Security Plan (SSP) addresses these standards:
71
115
  The full copy of each standard is included in the appendix.
72
116
 
73
117
 
118
+ ## Certifications
119
+
120
+ A certification is a logical grouping of controls that are of interest to
121
+ a given subject. A particular certification does not necessarily target all
122
+ controls from a standard, nor does a particular certification need to draw
123
+ from a single standard.
124
+
125
+ This SSP addresses these certifications:
126
+
127
+ <% @system.certifications.each do |c| -%>
128
+ - <%=c['name']%>
129
+
130
+ <% c['requires'].each do |r| -%>
131
+ - <%=r['standard_key']-%> control <%=r['control_key']%>
132
+ <% end -%>
133
+
134
+ <% end %>
135
+
136
+
137
+ # <%= @system.config['name'] %>
138
+
139
+ ## Overview
140
+
141
+ <%= @system.config['overview'] %>
142
+
143
+
74
144
  ## Components
75
145
 
76
146
  <% @system.components.each do |c| %>
@@ -84,18 +154,24 @@ _The organization has not yet documented attestations for this component_.
84
154
  The organization offers the following attestations for this component.
85
155
  <% end %>
86
156
 
87
- <% c['attestations'].each do |a| %>
157
+ <% c['attestations'].compact.each do |a| %>
88
158
  #### <%= a['summary'] %>
89
159
 
90
- Status: <%= a['status'] %>
91
-
92
- Date verified: <%= a['date_verified'] if a['date_verified'] %>
93
-
94
- Satisfies:
95
-
96
- <% a['satisfies'].each do |cid| -%>
97
- - <%= cid['standard_key'] %> control <%= cid['control_key'] %>
98
- <% end -%>
160
+ +----------+---------------+--------------------------------------------------------------+
161
+ | Status | Date verified | Satisfies |
162
+ +==========+===============+==============================================================+
163
+ <%
164
+ s = a['satisfies'][0]
165
+ verbiage = sprintf('%-58s', [s['standard_key'], 'control', s['control_key']].join(' '))
166
+ -%>
167
+ | <%=sprintf('%-8s', a['status'])-%> | <%=sprintf('%-13s', a['date_verified'])-%> | - <%=verbiage-%> |
168
+ <%
169
+ a['satisfies'][1..].each do |s|
170
+ verbiage = sprintf('%-58s', [s['standard_key'], 'control', s['control_key']].join(' '))
171
+ -%>
172
+ | | | - <%=verbiage-%> |
173
+ <% end -%>
174
+ +----------+---------------+--------------------------------------------------------------+
99
175
 
100
176
  <%= a['narrative'] %>
101
177
 
@@ -111,11 +187,15 @@ Satisfies:
111
187
  <% if s['families'] and !s['families'].empty? %>
112
188
  ### Families
113
189
 
114
- <% s['families'].each do |family| %>
115
- <%= family['family_key'] %>
116
- ~ <%= family['name'] %>
190
+ <%=s['name']-%> categorizes controls into logical groups called families.
117
191
 
118
- <% end %>
192
+ | Family abbreviation | Family name |
193
+ | -------------------------- | -------------------- |
194
+ <% s['families'].each do |family| -%>
195
+ | <%=family['family_key']-%> | <%=family['name']-%> |
196
+ <% end -%>
197
+
198
+ : Control families for <%=s['name']%>
119
199
 
120
200
  <% end %>
121
201
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: octool
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.7
4
+ version: 0.0.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Paul Morgan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-24 00:00:00.000000000 Z
11
+ date: 2020-05-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake