PyPI - gitlabcis - Versions diffs - 1.3.2__py3-none-any.whl - Mend

gitlabcis 1.3.2__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (218) hide show

gitlabcis-1.3.2.dist-info/METADATA ADDED Viewed

@@ -0,0 +1,241 @@
+Metadata-Version: 2.1
+Name: gitlabcis
+Version: 1.3.2
+Summary: An automated tool that assesses the GitLab CIS benchmarks against a project.
+Author-email: Nate Rosandich <nrosandich+gitlabcis@gitlab.com>, Neil McDonald <nmcdonald+gitlabcis@gitlab.com>, Mitra JozeNazemian <mjozenazemian+gitlabcis@gitlab.com>
+License: MIT License
+        Copyright (c) 2024 GitLab
+        Permission is hereby granted, free of charge, to any person obtaining a copy
+        of this software and associated documentation files (the "Software"), to deal
+        in the Software without restriction, including without limitation the rights
+        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+        copies of the Software, and to permit persons to whom the Software is
+        furnished to do so, subject to the following conditions:
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+Project-URL: homepage, https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/
+Project-URL: documentation, https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/tree/main/docs
+Project-URL: issues, https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/issues
+Project-URL: changelog, https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/tree/main/CHANGELOG.md
+Project-URL: download, https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/releases
+Keywords: GitLab Benchmarks,CIS Benchmarks,GitLab Hardening,GitLab Recommendations,GitLabcis,GitLab CIS Benchmarks,gitlabcis,GitLab,CIS,Benchmark Scanner,GitLab CIS Benchmark scanner,GitLab CIS
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Information Technology
+Classifier: Intended Audience :: System Administrators
+Classifier: Intended Audience :: Developers
+Classifier: Natural Language :: English
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Topic :: Software Development :: Libraries :: Application Frameworks
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Topic :: System :: Benchmark
+Classifier: Topic :: Security
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: PyYAML==6.0.1
+Requires-Dist: python-gitlab~=4.4.0
+Requires-Dist: tabulate==0.9.0
+Requires-Dist: tqdm==4.66.4
+Requires-Dist: defusedxml==0.7.1
+Requires-Dist: python-dateutil==2.9.0.post0
+Requires-Dist: gql==3.5.0
+Provides-Extra: build
+Requires-Dist: setuptools~=61.2; extra == "build"
+Requires-Dist: wheel==0.43.0; extra == "build"
+Requires-Dist: build==1.0.3; extra == "build"
+Requires-Dist: setuptools-scm~=8.1.0; extra == "build"
+Requires-Dist: python-semantic-release==9.8.8; extra == "build"
+Requires-Dist: pre-commit~=3.5.0; extra == "build"
+Requires-Dist: twine==5.1.1; extra == "build"
+Provides-Extra: test
+Requires-Dist: pytest==8.1.2; extra == "test"
+Requires-Dist: flake8~=5.0.4; extra == "test"
+Requires-Dist: bandit==1.7.8; extra == "test"
+Requires-Dist: yamllint==1.35.1; extra == "test"
+Requires-Dist: pytest-cov==5.0.0; extra == "test"
+Requires-Dist: coverage==5.2.1; extra == "test"
+Requires-Dist: tox~=4.15.0; extra == "test"
+# CIS GitLab Benchmark Scanner - gitlabcis
+## Background
+On April 17th 2024, [GitLab™](https://about.gitlab.com/) published [a blog post](https://about.gitlab.com/blog/2024/04/17/gitlab-introduces-new-cis-benchmark-for-improved-security/) introducing its Center for Internet Security® (CIS) GitLab Benchmark. With the goal to improve the security of the product and offer hardening recommendations to GitLab's customers. You can download a copy of the benchmarks which are published on the [Center for Internet Security® website](https://workbench.cisecurity.org/benchmarks/17538).
+> _"The CIS GitLab Benchmark stemmed from a collaboration between CIS and GitLab's Field Security and Product Management teams. After numerous conversations with customers, we understood the need for a specific benchmark that would guide their hardening efforts. We conducted an in-depth review of GitLab’s product and documentation to understand how our offering mapped to CIS's Software Supply Chain Security Benchmark. After the initial draft was ready, it entered into the CIS consensus process, where the broader CIS Benchmark Community was able to review it and suggest edits prior to publication."_
+>
+> _Ref: [Creating the CIS GitLab Benchmark](https://about.gitlab.com/blog/2024/04/17/gitlab-introduces-new-cis-benchmark-for-improved-security/#creating-the-cis-gitlab-benchmark)_
+## Overview
+`gitlabcis` is a [Python®](https://www.python.org/downloads/) package which audits a GitLab project against the [Center for Internet Security® (CIS) GitLab Benchmark](https://workbench.cisecurity.org/benchmarks/17538). It includes [recommendations-as-code](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/tree/main/gitlabcis/recommendations?ref_type=heads#recommendations) formatted in [YAML™](https://yaml.org/).
+## GitLab Product Enhancement
+### Compliance Adherence Report
+There is a larger effort to [add the CIS Benchmark](https://gitlab.com/groups/gitlab-org/-/epics/13823) as a compliance standard to the [Compliance Adherence Report](https://gitlab.com/groups/gitlab-org/-/epics/7854).
+- Once implemented, this will enable customers to automatically have visibility into whether there are additional measures they need to take in order to comply with the measures recommended in the CIS Benchmark.
+### Contributing back to GitLab
+Through the course of developing this tool, the authors contributed 2 features to the GitLab product (#39):
+- [Show Crosslinked/related issues in merge requests via the API](https://gitlab.com/gitlab-org/gitlab/-/issues/461536)
+- [Groups API: Add Restrict group access by Domain](https://gitlab.com/gitlab-org/gitlab/-/issues/351494)
+## Table of Contents
+[[_TOC_]]
+### Disclaimers
+| Disclaimer | Comment |
+| -----------| ------- |
+| This tool assumes that one is using GitLab for [everything](https://about.gitlab.com/blog/2016/03/08/gitlab-tutorial-its-all-connected/) | <ul><li>For example, the first recommendation ([1.1.1 - version_control](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/blob/main/gitlabcis/recommendations/source_code_1/code_changes_1_1/version_control.yml#L4)):</li><ul><li>_"Ensure any changes to code are tracked in a version control platform."_</ul><li>Using GitLab automatically passes this control.</li></ul> |
+| This tool cannot audit every recommendation | <ul><li>We have kept a record of every recommendation that we cannot automate. Review our limitations doc ([docs/limitations.md](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/blob/main/docs/limitations.md?ref_type=heads)), which highlights automation gaps in which a condition cannot confidently be automated.</li></ul> |
+| This tool **does not execute any write operations** on your GitLab project | <ul><li>This tool is expressly designed to refrain from performing any write operations that may:</li><ul><li>modify, alter, change, or otherwise impact the configuration, data, or integrity of your GitLab project</li></ul> <li>ensuring that no alterations or unauthorized adjustments are made to its state or contents.</li></ul> |
+| This is not an official GitLab product | <ul><li>This repository was created by GitLab engineers and is not officially supported by GitLab.</li></ul> |
+### Getting started
+- **Required:** You need to have [python®](https://www.python.org/downloads/), [pip](https://pip.pypa.io/en/stable/installation/) & [GNU Make](https://www.gnu.org/software/make/).
+- **Required:** A GitLab [Personal Access Token (PAT)](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html)
+#### Tokens
+- **Required:** Create your [Personal Access Token (PAT)](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html#create-a-personal-access-token).
+You can either pass a token as an option or store it as an environment variable:
+- `GITLAB_TOKEN` - (_optional_) Environment Variable
+- `--token` - (_optional_) gitlabcis token option
+##### Token Scope
+- **Required:** Your token needs to have _at least_ the `read_api` scope.
+- (_optional_) Providing your token more scope will unlock more controls that require higher levels of permission.
+#### Install
+There's a number of ways to download the scanner. Please see them below:
+##### Pypi
+Install `gitlabcis` from pypi.org:
+```sh
+pip install gitlabcis
+```
+##### GitLab
+Install `gitlabcis` from the [package registry](https://gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/packages/):
+```sh
+pip install gitlabcis --index-url https://gitlab.com/api/v4/projects/57279821/packages/pypi/simple
+```
+If you haven't already done so, you will need to add the below to your `.pypirc` file.
+```ini
+[gitlab]
+repository = https://gitlab.com/api/v4/projects/57279821/packages/pypi
+username = __token__
+password = <your personal access token>
+```
+Install `gitlabcis` from source via clone, or our [releases page](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/releases)
+```sh
+# make a clone (or create a local fork) of the repo
+git clone git@gitlab.com:gitlab-org/govern/compliance/engineering/cis/gitlabcis.git
+cd cis-benchmark-scanner
+make install
+```
+#### Usage
+The following syntax is expected:
+```sh
+gitlabcis URL OPTIONS
+```
+#### Screenshot
+![results](docs/img/results.png)
+#### Generate a report
+To generate a report from the shell:
+```sh
+gitlabcis https://gitlab.example.com/path/to/project --token $TOKEN
+```
+Generate a json report: (_Using the `$GITLAB_TOKEN` variable, you do not need to specify `--token` option_)
+```sh
+gitlabcis \
+    https://gitlab.example.com/path/to/project \
+    -o results.json \
+    -f json
+```
+To execute a single control:
+```sh
+gitlabcis \
+    https://gitlab.example.com/path/to/project \
+    -ids 1.2.3 # or multiple: 2.3.4 3.4.5 etc
+```
+## Documentation
+Review the `gitlabcis` [documentation (./docs)](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/tree/main/docs?ref_type=heads) directory - _Something missing?_ Feel free to create contribute with a [new issue](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/issues/new).
+## License
+`gitlabcis` was published using the [MIT license](https://opensource.org/license/mit), it can be reviewed in the [./LICENSE](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/blob/main/LICENSE?ref_type=heads) file.
+## Changelog
+See the [./CHANGELOG.md](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/blob/main/CHANGELOG.md?ref_type=heads) for more information.
+## Developers
+### Code of Conduct
+Review the heading section of [contributing doc (docs/CONTRIBUTING.md)](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/blob/main/docs/CONTRIBUTING.md?ref_type=heads) for the code of conduct.
+### Security
+Review our [security policy (docs/SECURITY.md)](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/blob/main/docs/SECURITY.md?ref_type=heads) document which outlines how to disclose a vulnerability.
+### Contributing
+Do you want to contribute? - Fantastic! Check out the [contributing doc (docs/CONTRIBUTING.md)](https://gitlab.com/gitlab-org/govern/compliance/engineering/cis/gitlabcis/-/blob/main/docs/CONTRIBUTING.md?ref_type=heads) for more information.

gitlabcis-1.3.2.dist-info/RECORD ADDED Viewed

@@ -0,0 +1,218 @@
+gitlabcis/__init__.py,sha256=8Tp4CVzN01mOC3j3T12R0znWgROsLfKclChZBY6WKJ8,524
+gitlabcis/__main__.py,sha256=RsvuO4bLcC6n-STJDPz_tWIKfpmGKitN_Yjq8r943Rw,198
+gitlabcis/benchmarks/__init__.py,sha256=gsyQy3Pd0TqApqQvq3uTjh3YXXJBkMAlI_UQnzCaRhk,365
+gitlabcis/benchmarks/artifacts_4/__init__.py,sha256=IB5zh5VYULs5CwbpkJKBJ6_Vp_7iiOftvY5i_-QCeUk,200
+gitlabcis/benchmarks/artifacts_4/access_to_artifacts_4_2.py,sha256=rRFOBZ3Oju-sC0DD3R7yP4C5HX80Y16FTCiVOm5Mnvo,4921
+gitlabcis/benchmarks/artifacts_4/origin_traceability_4_4.py,sha256=AGpfqAbTfzM2lGp56pz8UaiIQZfYFLRiGTz-rGAMOEo,352
+gitlabcis/benchmarks/artifacts_4/package_registries_4_3.py,sha256=VvfNbONfnk_Ge4RWhqXCIShVdzjntO-ZjbliGGL9wtE,3740
+gitlabcis/benchmarks/artifacts_4/verification_4_1.py,sha256=4Oc8a-uEY0pSsr2tJ3jY1A5J5gbnDbzO1z1VatnkdQ4,2530
+gitlabcis/benchmarks/build_pipelines_2/__init__.py,sha256=jYPMEXBDaAMDpqPTUqKOsrJZ2vVj-PWNT6lj2Kx4FSI,200
+gitlabcis/benchmarks/build_pipelines_2/build_environment_2_1.py,sha256=FtfbhVYXpwzBdd4WoRxiEWVJhJhkyoyK8YiwcPR7T1o,9220
+gitlabcis/benchmarks/build_pipelines_2/build_worker_2_2.py,sha256=Vklb538v8eIvIsiCK4BG7qgJxCLWGfhY5sSEfyAxxhE,4104
+gitlabcis/benchmarks/build_pipelines_2/pipeline_instructions_2_3.py,sha256=2nHjyxUj0tGaO_a-YX1PabuKnK5BquFsb2PNvU-zyiM,15097
+gitlabcis/benchmarks/build_pipelines_2/pipeline_integrity_2_4.py,sha256=hE_Mn7mqR64kqpF7AnSdfNC02PfnrfPD_WTDMGq8hyE,4871
+gitlabcis/benchmarks/dependencies_3/__init__.py,sha256=HgH5XZeCiGiHBrac33qFZ69wJanACsOyPMysTkKorAE,103
+gitlabcis/benchmarks/dependencies_3/third_party_packages_3_1.py,sha256=aogvtucFX9Z5BfN1Dt9i3RgtOX2ldmrOXlR47KHzoHE,5477
+gitlabcis/benchmarks/dependencies_3/validate_packages_3_2.py,sha256=x5qkcC8GUoyBFb9fAvA9V8RoGpK-rDNNs55xwl8jbvQ,5776
+gitlabcis/benchmarks/deployment_5/__init__.py,sha256=7TUMqw9x0NW0vR9OpDztfJzH-WR_ZaohXUQ0To28kGk,112
+gitlabcis/benchmarks/deployment_5/deployment_configuration_5_1.py,sha256=9cNsBh9ZM8c59DyLcHGHME0zc1Yui1Fa1VmSDQ8c4Wg,5150
+gitlabcis/benchmarks/deployment_5/deployment_environment_5_2.py,sha256=_t5goQQzHdewoMMs6JDTg614in6iZk3wOllVzlFJuBM,1949
+gitlabcis/benchmarks/source_code_1/__init__.py,sha256=U0hzBZnG_KtZnTuCCLdKHU6tR0AVZq-0DzbZdUGfbD4,239
+gitlabcis/benchmarks/source_code_1/code_changes_1_1.py,sha256=kbDCExwxTF-9I1JmCLiQVKyChtFrAAAEiHaagR2eBcc,22576
+gitlabcis/benchmarks/source_code_1/code_risks_1_5.py,sha256=kNkaK6fXxQyJ0gecEmqEFsp26OTC2Vg6PRYjRIDmaWM,14467
+gitlabcis/benchmarks/source_code_1/contribution_access_1_3.py,sha256=iDI4P8WqE-1z7xxOQdGhQY5Cv44_yFCt8sTBbY8f5sg,10552
+gitlabcis/benchmarks/source_code_1/repository_management_1_2.py,sha256=BdwTn--Ivr0bAd8Qdg8uvORRxW-ry60VwU-tD_ayhfY,5717
+gitlabcis/benchmarks/source_code_1/third_party_1_4.py,sha256=QssYGzBKRLUDpUZPGhR_Or7VNgxNzpv8s6C2ZPR8wtw,4325
+gitlabcis/cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+gitlabcis/cli/log.py,sha256=iFa2UFZAuRmyh5NdsxsbAbU03vP0Aw0N7hhsURYvkA8,926
+gitlabcis/cli/main.py,sha256=2lcZJtUheiwwbpaFtztzEkzS0niHg7FL0vEcKtrGcX4,16892
+gitlabcis/cli/output.py,sha256=zCsPsAUBUSMlZwNkath8sluQFUzQPw0eDQkooMS-DxI,4752
+gitlabcis/recommendations/readme.md,sha256=uamPwoWmpvFL6O-gsSg4x-rqsdu2tEfdlx6qH3ceBbQ,1388
+gitlabcis/recommendations/template.yml,sha256=iY28l9CJ2JwNQwQtCRo7gnWOBfkrEqM3fBpa2d_boBA,421
+gitlabcis/recommendations/artifacts_4/readme.md,sha256=njogAwXdkNvvVB0HFbfnTlGsJu6jFePDCqKc7ZVJSIE,685
+gitlabcis/recommendations/artifacts_4/access_to_artifacts_4_2/external_auth_server.yml,sha256=y8g-JwoINCmruJwDbnMdpMnxUCpNY9Skl4uoM3wwa5g,2265
+gitlabcis/recommendations/artifacts_4/access_to_artifacts_4_2/limit_artifact_uploaders.yml,sha256=T0vOxuobYN1n_CSpF801u_HNUdbjqRmEIO_Qd5UDGD8,2650
+gitlabcis/recommendations/artifacts_4/access_to_artifacts_4_2/limit_certifying_artifacts.yml,sha256=RrfpLCuM1Zy9462LpXOOYj2TxSJHWbaGnfgCsxzZrOw,2251
+gitlabcis/recommendations/artifacts_4/access_to_artifacts_4_2/minimum_package_registry_admins.yml,sha256=godEDFmCVDoOuOIQsejq87rTpxo3HdZVSCkKT5lOtyM,2328
+gitlabcis/recommendations/artifacts_4/access_to_artifacts_4_2/readme.md,sha256=rwCvHwvT7y80lRtennicIs9UYKe-0fsja6BjF7thhoM,997
+gitlabcis/recommendations/artifacts_4/access_to_artifacts_4_2/require_mfa_to_package_registry.yml,sha256=BNnM_j3dTCRNyXpIXoq7tlxSUuQgNhlymfMtdDSsrt8,2197
+gitlabcis/recommendations/artifacts_4/access_to_artifacts_4_2/restrict_anonymous_access.yml,sha256=xsgO3z3LasVcIHhVSLiXkNS5Q5Ggpodcft4PNrySD_g,2690
+gitlabcis/recommendations/artifacts_4/origin_traceability_4_4/artifact_origin_info.yml,sha256=BXYYbqL0lnVkdlYhtH4CyHzAjgPhDAXsRa4AYNxVVWk,2722
+gitlabcis/recommendations/artifacts_4/origin_traceability_4_4/readme.md,sha256=N3fDzZ6ed4M2nBWxoUjWpHhJ7U9MdpT_EyBXLxx5BTg,430
+gitlabcis/recommendations/artifacts_4/package_registries_4_3/all_artifact_versions_signed.yml,sha256=MgEGBKGOirOhhJOzziqO5MiPhL2Qc9DTQ6rW9f_Y5Iw,3083
+gitlabcis/recommendations/artifacts_4/package_registries_4_3/audit_package_registry_config.yml,sha256=SXr-LAFOHTMVWHsafHn3XrJgFNOwACbKurR9Wt_MfAE,1840
+gitlabcis/recommendations/artifacts_4/package_registries_4_3/readme.md,sha256=kCUS2mf9p3s4zBZbvbgPdG3TJB1bIyHRR5mvJeOVI1Y,781
+gitlabcis/recommendations/artifacts_4/package_registries_4_3/secure_repo_webhooks.yml,sha256=V1t8hb7b_-gjrcaEPnvX7nf0mLL24qSMQSwP4deTQpo,1714
+gitlabcis/recommendations/artifacts_4/package_registries_4_3/validate_signed_artifacts_on_upload.yml,sha256=dh4KTTJrcoETi1ajNy38S4s2jHVPPE0CHIKF3uLyRbA,3221
+gitlabcis/recommendations/artifacts_4/verification_4_1/encrypt_artifacts_before_distribution.yml,sha256=K1iOxu0f_gjKBG0ItFp3NompNCKli62aughgtsF3vto,1872
+gitlabcis/recommendations/artifacts_4/verification_4_1/only_authorized_platforms_can_decrypt_artifacts.yml,sha256=h7I9PHxh8SOkDpuy3VQTv9rpYOhm1mpxce-8IJGgXx8,2418
+gitlabcis/recommendations/artifacts_4/verification_4_1/readme.md,sha256=oRpgqPryP7DT9pdT0uBYQZk7Cw_vNU3bB7uQgxk7rws,807
+gitlabcis/recommendations/artifacts_4/verification_4_1/sign_artifacts_in_build_pipeline.yml,sha256=OE1hGdY5q3VRMdTW4uV6aK5UQ0GffEOSBQqFExDI5Og,1569
+gitlabcis/recommendations/build_pipelines_2/readme.md,sha256=fvnmtticTgjTlIO-WIfdOT48Cn3JRXj_efT_u62kbl8,897
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/authenticate_build_access.yml,sha256=1fwx5anBKiUVK0cSA9dx_O1DFgS91vHWELBQ5DkUcv0,2761
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/build_automation.yml,sha256=BOr-bvdsgS9eiyrUPaWTOu9UAmi4WvFNzF4TsJjajLI,2421
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/build_env_admins.yml,sha256=5iMlqkVF6iSPKDArv8fAg8_Q6vaerfHj0I0OuMRzHtw,2479
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/build_logging.yml,sha256=KJMK_Ei8cEvx63kfNaTJEwCyKJChPyBm0DUqb98dDwE,2341
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/disable_build_tools_default_passwords.yml,sha256=dLzz9lzqa-guM0rkAGKdsUOJX385hHmanhwes-2BVO8,2292
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/immutable_pipeline_infrastructure.yml,sha256=NGaJIp5AQrvJZG81N3nUzeYkRl_gYHd6Z3njGoZbLPE,2988
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/limit_build_access.yml,sha256=Tu2zUZDEYJHnW4mOTtFuiUa_NfuJ91-329a_O3Tyzec,3276
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/limit_build_secrets_scope.yml,sha256=OJX8Ks5mlwt5l2cJPjQcKkPSDUgtWdBXspFg48FNRiA,2402
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/readme.md,sha256=kRTkOroZCGlBqDSKE2Iv5BmeHhDynR8CgWh3fwhgsCc,1317
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/secure_build_env_webhooks.yml,sha256=MfAIGl4RAuLI9bKtvyRK0Dzj39gc3ziXL8IRfITouQM,1768
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/single_responsibility_pipeline.yml,sha256=ffqgT9feAL2ouxftY8oakq_solf81So4Hi40wSHJMyo,2783
+gitlabcis/recommendations/build_pipelines_2/build_environment_2_1/vuln_scanning.yml,sha256=l3o0pWH_WCb_4wks10ifDadZT7XBaBmD0uFUjteLqSo,3137
+gitlabcis/recommendations/build_pipelines_2/build_worker_2_2/build_worker_vuln_scanning.yml,sha256=gTcq2BMth4qvyFsODAsS1ZBv7XqRKHM9I0rwOp9Ss8s,2877
+gitlabcis/recommendations/build_pipelines_2/build_worker_2_2/monitor_worker_resource_consumption.yml,sha256=XWYy-glyOCT8HBJP_VsJ4wEB1z0fE3AdueFF2sWGydM,3282
+gitlabcis/recommendations/build_pipelines_2/build_worker_2_2/pass_worker_envs_and_commands.yml,sha256=aNYjEoF2FDcWubP-2jGr7Z7dylOpA6gR-YWM_k_srZU,3661
+gitlabcis/recommendations/build_pipelines_2/build_worker_2_2/readme.md,sha256=CasSzpG2tgbR4h147QLXruxYgq_vxNJaqZI3LfMQu9c,1314
+gitlabcis/recommendations/build_pipelines_2/build_worker_2_2/restrict_worker_connectivity.yml,sha256=VhRxGwSTyErkt83LzoySVSPFmQCLYh73PYSledJ6DoU,2962
+gitlabcis/recommendations/build_pipelines_2/build_worker_2_2/segregate_worker_duties.yml,sha256=g8Ycnohd2o9_6GflBtRCQ4Ofrqwz27V7po2IQa1AXgI,3974
+gitlabcis/recommendations/build_pipelines_2/build_worker_2_2/single_use_workers.yml,sha256=zle4qXoH57NUn2mgNve2Jjr3XKJPWTVXIVdL8N-Tlgg,1877
+gitlabcis/recommendations/build_pipelines_2/build_worker_2_2/store_worker_config.yml,sha256=vh_z3xpCsUTyudDZTyfxigo42805Hhj2KBzpPtp9IB0,2993
+gitlabcis/recommendations/build_pipelines_2/build_worker_2_2/worker_runtime_security.yml,sha256=OE3gQPN4M6W7VrfO5ifdlUW6--Tgk_cuDDgLAfkLVb0,1198
+gitlabcis/recommendations/build_pipelines_2/pipeline_instructions_2_3/build_stage_io.yml,sha256=Z9wq6YQ-W3_3dLRzK_D6j3Aqeud1Bpp6H5r1Y3Irjaw,2033
+gitlabcis/recommendations/build_pipelines_2/pipeline_instructions_2_3/build_steps_as_code.yml,sha256=aTAyDUR0scR4SW30p4MxIYzQVlV938Nf8tdpi12Mgfk,1655
+gitlabcis/recommendations/build_pipelines_2/pipeline_instructions_2_3/limit_pipeline_triggers.yml,sha256=FqDjT3E6XQXj0zhPPw72KR4xUOmtAtABcSAuvd9CFec,3992
+gitlabcis/recommendations/build_pipelines_2/pipeline_instructions_2_3/pipeline_misconfiguration_scanning.yml,sha256=vWEzPoZGQoIVeoO-9Ba9uW0pZvoBv2-2Hg0i6PyVoqA,1798
+gitlabcis/recommendations/build_pipelines_2/pipeline_instructions_2_3/pipeline_secret_scanning.yml,sha256=_Or0AvOnpjgB0rsYqOjAPhlUYEvWb27bM-TTy0lWWLQ,2689
+gitlabcis/recommendations/build_pipelines_2/pipeline_instructions_2_3/pipeline_vuln_scanning.yml,sha256=QfplvDE1nwRW1Fn8_677M7B5v_3t8la8s7LG02t74RI,1683
+gitlabcis/recommendations/build_pipelines_2/pipeline_instructions_2_3/readme.md,sha256=LGs_2Sn1Niac6LLyAaPpi1jzyK_6VC106wKrGquqXNw,1140
+gitlabcis/recommendations/build_pipelines_2/pipeline_instructions_2_3/secure_pipeline_output.yml,sha256=cn5vFF5dC5ueTZW2yPBIgp4HT8iZM1TZvRS_wIQRNQ0,2673
+gitlabcis/recommendations/build_pipelines_2/pipeline_instructions_2_3/track_pipeline_files.yml,sha256=-0pFOJm2vaMIAQi7f0f1Q5y3mjMq1bIk3y6L9OJCwNw,2011
+gitlabcis/recommendations/build_pipelines_2/pipeline_integrity_2_4/create_reproducible_artifacts.yml,sha256=JpYbCdeW-xATk9nsBvkBaAQWtiiyorlvlN7ZaEYvJos,2177
+gitlabcis/recommendations/build_pipelines_2/pipeline_integrity_2_4/lock_dependencies.yml,sha256=kxalad5GRAI5ZQ5lfkOqH4ndVETl6ElhJDiP35NqNrg,2322
+gitlabcis/recommendations/build_pipelines_2/pipeline_integrity_2_4/pipeline_produces_sbom.yml,sha256=J-bPAPOL4ZRHtCTRfFnIbKHa1t2ivkB608o2e7GGq_w,3487
+gitlabcis/recommendations/build_pipelines_2/pipeline_integrity_2_4/pipeline_signs_sbom.yml,sha256=kMnyw7BOfmW-NnWAYuTrTYSBTJ1T3quW1_XaT8xcK30,1348
+gitlabcis/recommendations/build_pipelines_2/pipeline_integrity_2_4/readme.md,sha256=YTRqZIZhSa9_cjoMJmDgFT9iBqleCTZWsipH89FZk8A,993
+gitlabcis/recommendations/build_pipelines_2/pipeline_integrity_2_4/sign_artifacts.yml,sha256=SNVkC-1d9SS1Yp_5lJ0CZl40n3VuWXwzU2ichHBptVk,1067
+gitlabcis/recommendations/build_pipelines_2/pipeline_integrity_2_4/validate_dependencies.yml,sha256=eJke-R99SQphuwkoGyCYSPtpmgTjrTxKkfh4Ktdcvx0,3026
+gitlabcis/recommendations/dependencies_3/readme.md,sha256=EoYKHgHakF9kL6aPdUw3u4cBKoEoqoxtf0B6mZ6koxI,738
+gitlabcis/recommendations/dependencies_3/third_party_packages_3_1/define_package_managers.yml,sha256=BERaLAw71RfW7jw18rkTIo0UzoSPv308dnzPMI-xVsE,3253
+gitlabcis/recommendations/dependencies_3/third_party_packages_3_1/dependency_sbom.yml,sha256=XY5u8a46U7CoyJh3tvGRtFqeceZ2_lkp6Ny55MWuZu4,3740
+gitlabcis/recommendations/dependencies_3/third_party_packages_3_1/monitor_dependencies.yml,sha256=m8VICZpbLm_Ii5yoSfLl-UOveGcwM71KSVnqsnF6ZAU,2829
+gitlabcis/recommendations/dependencies_3/third_party_packages_3_1/packages_over_60_days_old.yml,sha256=tCI3fsGPmVe6SsHVoR5hrJpaXjMHHkP9Bb89n9fW2ZI,3724
+gitlabcis/recommendations/dependencies_3/third_party_packages_3_1/pin_dependency_version.yml,sha256=d-U5JADQ220FeaimlJ0yHPkPTmopaq22xMzJIkWN1qE,2084
+gitlabcis/recommendations/dependencies_3/third_party_packages_3_1/readme.md,sha256=GfenMvlA36W_m6-5-E7NLfgkLRQonib8lkBKSAYk4W0,980
+gitlabcis/recommendations/dependencies_3/third_party_packages_3_1/third_party_sbom_required.yml,sha256=1i7Ipu0ZjX18HbRW_OD_IeRyiICUcZF_5DG82Qu1aQs,2929
+gitlabcis/recommendations/dependencies_3/third_party_packages_3_1/verify_artifacts.yml,sha256=Gw5ZuTCgiytiPkUG8EoJXpXSgMYeLNqC4awFKR9-NOA,1775
+gitlabcis/recommendations/dependencies_3/third_party_packages_3_1/verify_signed_metadata.yml,sha256=MOhTmvDAihXgSj-eTO-XfdGLCy3Wnmp_aZxNWBUM53s,1694
+gitlabcis/recommendations/dependencies_3/validate_packages_3_2/org_wide_dependency_policy.yml,sha256=NdRTan3eH5Y8nG4KObzlKUbtUYLVRnyqDs2CQgWiGes,1931
+gitlabcis/recommendations/dependencies_3/validate_packages_3_2/package_license_scanning.yml,sha256=6rAZFlqpKcivfjDri-kRb0MVj6JDBYbRSBToTD1ZCcM,2083
+gitlabcis/recommendations/dependencies_3/validate_packages_3_2/package_ownership_change.yml,sha256=DQO3gbs6c8ILsijBiTVgoSkvOL0-4O9nUVKnGzKepJY,1677
+gitlabcis/recommendations/dependencies_3/validate_packages_3_2/package_vuln_scanning.yml,sha256=t0MLOLRfP9ZtSomclINSuuOK1m1NP1U2okn6CZL6yC4,2775
+gitlabcis/recommendations/dependencies_3/validate_packages_3_2/readme.md,sha256=LIhxeLDkdL9j4jpypfCQWJPaa0dc4DBqfvpJtvjOxf0,796
+gitlabcis/recommendations/deployment_5/readme.md,sha256=aoAumiBBATryjA3zEAQNulPgn4CkihbSeVlFyAQl2Ik,682
+gitlabcis/recommendations/deployment_5/deployment_configuration_5_1/audit_deployment_config.yml,sha256=TjxhFpqnL7J3k2gI2GAhDpFkf2500iRvkdow4odErDM,1784
+gitlabcis/recommendations/deployment_5/deployment_configuration_5_1/limit_deployment_config_access.yml,sha256=i9ElJ5jYofxVLwfm47dX_HiYe__2zrTO09m62kn0aiU,2160
+gitlabcis/recommendations/deployment_5/deployment_configuration_5_1/pin_deployment_config_manifests.yml,sha256=hBUdOm5_akN_EUsg-k9fxueIMlq16CA9Q0_z-uLme1A,2700
+gitlabcis/recommendations/deployment_5/deployment_configuration_5_1/readme.md,sha256=LFxF_XYkZTLRbkMt-Jch8ZkvynssV1gJ4TCZdui6jW8,886
+gitlabcis/recommendations/deployment_5/deployment_configuration_5_1/scan_iac.yml,sha256=oYAqIKe70W5CnDG9R47m60PJik41pUFC6fpTzdY_r6M,3212
+gitlabcis/recommendations/deployment_5/deployment_configuration_5_1/secret_scan_deployment_config.yml,sha256=FqZo703--sq62eElt3s-P9xR_D5uz7CDb0wrfzH-S9A,1770
+gitlabcis/recommendations/deployment_5/deployment_configuration_5_1/separate_deployment_config.yml,sha256=nd9LgkZInm1pYU5hSqVIdorMwwW7aCOWV1naMgdT668,2167
+gitlabcis/recommendations/deployment_5/deployment_configuration_5_1/verify_deployment_config.yml,sha256=IkKPasbPjcCx4qOTL6bOVfDGeoYmQIgjdc4pJCfgTVQ,1913
+gitlabcis/recommendations/deployment_5/deployment_environment_5_2/automate_deployment.yml,sha256=itcn-Enlt7Mi32Gym1ZET6hOqw2ye8wMO-pgIc0FziM,1895
+gitlabcis/recommendations/deployment_5/deployment_environment_5_2/disable_default_passwords.yml,sha256=nqCod1fLNMIWFvINfo7NRNHlQCJZpuiitjr67d1ryTI,2428
+gitlabcis/recommendations/deployment_5/deployment_environment_5_2/limit_prod_access.yml,sha256=ehgGj001lJE4ESecu-UxjKtpshcdlsYP0dH76rRfy30,1847
+gitlabcis/recommendations/deployment_5/deployment_environment_5_2/readme.md,sha256=qxUwPzuC3Gy9nGqo-n6gHVahY9Zi4Abuq9c1sAxoCEM,712
+gitlabcis/recommendations/deployment_5/deployment_environment_5_2/reproducible_deployment.yml,sha256=wAXYxTdLAFSDedgEL5gexluPoOXvbkP-GjfRguHt1q4,2175
+gitlabcis/recommendations/source_code_1/readme.md,sha256=8iyZBFlc7RuP6yJtisbUGgL-hgh8ipnuKW6IrgHjMfI,996
+gitlabcis/recommendations/source_code_1/code_changes_1_1/audit_branch_protections.yml,sha256=NfY2ex6qOpRIor3wTd6897lRoEx9sNU3hiswcNqjVzI,2461
+gitlabcis/recommendations/source_code_1/code_changes_1_1/auto_risk_scan_merges.yml,sha256=RNvXF-eqZwbDFee9P0gPfOQwBw5pFYKJEqYpHbpzSos,2911
+gitlabcis/recommendations/source_code_1/code_changes_1_1/branch_protections_for_admins.yml,sha256=FZhu7xECBUeEyHer_NDtiaOcT26PRBOzmO0yHWAfBe4,2813
+gitlabcis/recommendations/source_code_1/code_changes_1_1/branches_updated_before_merging.yml,sha256=57tkTTB00sFxvfNleb_yCkq0uipaJHDJwSr0qhHMguM,2696
+gitlabcis/recommendations/source_code_1/code_changes_1_1/checks_pass_before_merging.yml,sha256=Z2gA4_05og_SkqDCXntUC9SfiQ9Rnk2uIBe6cNCVFYs,2571
+gitlabcis/recommendations/source_code_1/code_changes_1_1/code_approval_dismissals.yml,sha256=nsf4pp6qFsddDkZa82LXddfqcWDGOSh2bI_5-UVtIBY,3075
+gitlabcis/recommendations/source_code_1/code_changes_1_1/code_approvals.yml,sha256=eD7qhlAJ3NBajdchH5iJiKAC3WsVgv9lQBiHI0aMbkk,3475
+gitlabcis/recommendations/source_code_1/code_changes_1_1/code_changes_require_code_owners.yml,sha256=rs3xqeFcXw4lMg_FNuDgjz11lgnGq7U4FlKlx-lsXCM,3562
+gitlabcis/recommendations/source_code_1/code_changes_1_1/code_dismissal_restrictions.yml,sha256=fXm5XO4GQjI3nGzEXjExBlZ63ecJPSib5yBVhyaRUuU,3604
+gitlabcis/recommendations/source_code_1/code_changes_1_1/code_owners.yml,sha256=R5hn4e-k4Q9cq1q1JcpS-9Bs-lVyqaHkjf7G6HkfodY,2800
+gitlabcis/recommendations/source_code_1/code_changes_1_1/code_tracing.yml,sha256=Y2VJNYqEgZ8ob1LsJVXwbUJ38oIxTHZVanVEIAF7kN0,2218
+gitlabcis/recommendations/source_code_1/code_changes_1_1/comments_resolved_before_merging.yml,sha256=OjOeuLuluAsREjAPuWW51gT8TXEGPT13Lh6uTx73nbY,2827
+gitlabcis/recommendations/source_code_1/code_changes_1_1/commits_must_be_signed_before_merging.yml,sha256=tjoqdlZDy-cJePT1X5ynbMVrWpxmPl2YK5pznTkT80I,2717
+gitlabcis/recommendations/source_code_1/code_changes_1_1/default_branch_protected.yml,sha256=KchgNIqDMYZcWcfg48OEyq4PwXvInjefDYBA-ULQxJc,4261
+gitlabcis/recommendations/source_code_1/code_changes_1_1/deny_branch_deletions.yml,sha256=fKGeH_iRQYAE_V48kFlSXGZlwZ97PTpKbOIsdnOpI98,3617
+gitlabcis/recommendations/source_code_1/code_changes_1_1/ensure_force_push_is_denied.yml,sha256=TkfJtYeYBF_K1E4WtSeDq2yPUHNs2Vcl0ABmI5BXX58,2621
+gitlabcis/recommendations/source_code_1/code_changes_1_1/linear_history_required.yml,sha256=pg3eBlddTSXvuSPY8Ckr0scNBw4VkueInOsR7V6ViP4,2364
+gitlabcis/recommendations/source_code_1/code_changes_1_1/merging_restrictions.yml,sha256=ezgfET8VJSDrbs9hqHWVlEl9PHN_OXC5Zn4SjfSrq98,2938
+gitlabcis/recommendations/source_code_1/code_changes_1_1/readme.md,sha256=x00-k2fYRLUbAW_ikuag85f6GV_HUJAW2RelDAhObqo,1881
+gitlabcis/recommendations/source_code_1/code_changes_1_1/stale_branch_reviews.yml,sha256=EiG66y-a_GsJ8KOXbTmvB4PzBQH69QKHO8G08GvHM3A,3818
+gitlabcis/recommendations/source_code_1/code_changes_1_1/version_control.yml,sha256=5vD4pRgre0JIfzRIUH35169zAj7knxcR9fOT_2A0EmM,1663
+gitlabcis/recommendations/source_code_1/code_risks_1_5/dast_api_scanning.yml,sha256=orTxUKRyGGKBB5SD75oQAlydrnDC1uBmhiC79nQm0RU,2536
+gitlabcis/recommendations/source_code_1/code_risks_1_5/dast_web_scanning.yml,sha256=v3fDwcrAsjykdFDyS2fbQAJmuSwWBCDuYJeeXFM6qo0,2291
+gitlabcis/recommendations/source_code_1/code_risks_1_5/dependency_scanning.yml,sha256=OM6DxJcBzAGpE-GVmZt2WnSlvIKdTCtE4Cp2xcMX594,3790
+gitlabcis/recommendations/source_code_1/code_risks_1_5/enable_secret_detection.yml,sha256=kvjhTEPyaT1yT00AQbt_rN10DMz4SY1tiDehzrOhBlU,1896
+gitlabcis/recommendations/source_code_1/code_risks_1_5/license_scanning.yml,sha256=snnmr8104EdJK8hlF1vJWfp98lhEg-8TOKj2LTGRA3A,2362
+gitlabcis/recommendations/source_code_1/code_risks_1_5/readme.md,sha256=J_2-Fuo3kd-kJ8_fo3_YY78nXQ7pTsTNweFQgcNJ3GM,920
+gitlabcis/recommendations/source_code_1/code_risks_1_5/secure_iac_instructions.yml,sha256=9DF-fewVh20koEzAxVVXxDGWoWn6DS9SbDHY9-bLqYA,3745
+gitlabcis/recommendations/source_code_1/code_risks_1_5/secure_pipeline_instructions.yml,sha256=q1DBYtxeV8YgGW9ViPyiNP6R3S4ADpkbgYp81SynBFs,2733
+gitlabcis/recommendations/source_code_1/code_risks_1_5/vulnerability_scanning.yml,sha256=lBltuMjmYmG085hiT6jTc9vDo32B1jaaCYNUj8ii6I4,2136
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/domain_verification.yml,sha256=Tc_lwLIiKjLocE0shOy6UJPUXVELAYhlP3mQvIIy31o,2976
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/ensure_2_admins_per_repo.yml,sha256=16wumvHbqaEaklHe0Hkl8Y1x_7F6m6afVYChX55Ss6Y,2445
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/limit_top_level_group_creation.yml,sha256=aEzQwThbL1J2hJz-0KZ1zcwKnpQ2O3E4xtj8s-ppBYc,2864
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/limit_user_registration_domain.yml,sha256=I9GheLQ4neQIFt5wwX3HryAgyz50yNRuzBIW0WSiTiE,2684
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/minimum_number_of_admins.yml,sha256=Hb7wtdNLJURj8nALQH8Qopbd4tna5iK_IPWTXWcwwEc,2602
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/org_provided_ssh_certs.yml,sha256=VGc6SlkSAPVvw1YIJElF28t9M_NeEherSZw6vUlHPVg,3596
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/readme.md,sha256=YQf09BF-naDlpYaSGmC0tC-cMpZkR_MCFICOnKQHEtU,1633
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/require_mfa_at_org_level.yml,sha256=NPzFuWxRgqr5Osok-pOHLUb4p1c7UayAX_f1o_VuB1c,3709
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/require_mfa_for_contributors.yml,sha256=c2dZhtQSssBZE2d82E9BYYPp8VTYtw9NsNw0LUmWoys,3220
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/restrict_ip_addresses.yml,sha256=oi-Y1x6L2DFTw3d-ZITW704YRB60OLumNkQ5KTAH_XI,3746
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/review_and_remove_inactive_users.yml,sha256=ACZrgxXOePS98Zp_iO9sHQ32oD1aXg7vzrqQcvAgLks,2391
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/scm_notification_restriction.yml,sha256=uheixRuuK_C_OnUET4b_JLVsqSlawzRlisKyOK4BXrc,2019
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/strict_permissions_for_repo.yml,sha256=wF7FKm8hFYN4nl2RzUMhlu-vGucw0QoGetHrUriBV-8,3230
+gitlabcis/recommendations/source_code_1/contribution_access_1_3/track_code_anomalies.yml,sha256=98uNiQUZ8-_Z5ODxOJSAKV1YyfDmTyT1I34LZU5NoHc,1617
+gitlabcis/recommendations/source_code_1/repository_management_1_2/limit_issue_deletions.yml,sha256=3tBnU9nVbAlcuq_ifsE4w2uNyuT3QdZX9uUA5BhfLbU,2732
+gitlabcis/recommendations/source_code_1/repository_management_1_2/limit_repo_creations.yml,sha256=JtmFLkrwLIiLilFTWkQtv2hUlwfisgz3aqnEf89_Apo,3123
+gitlabcis/recommendations/source_code_1/repository_management_1_2/limit_repo_deletions.yml,sha256=wIj2PUi8ECOrxRXwzVZuZo7GSwIbApbmBR9A7YfN_mc,2704
+gitlabcis/recommendations/source_code_1/repository_management_1_2/public_repos_have_security_file.yml,sha256=ANycWtOhlClzwXoqndKje8gh1moqJ8KH6Y_5WmuJFDs,3197
+gitlabcis/recommendations/source_code_1/repository_management_1_2/readme.md,sha256=y_0y6z8O3zIqhjTkaVgyfMYYBxXwD6NUmbnE_ifdmfY,968
+gitlabcis/recommendations/source_code_1/repository_management_1_2/review_and_archive_stale_repos.yml,sha256=lyW2jll7JfoYXebG5ewlqv3ca0-mntsXT1kwaji9pRg,2974
+gitlabcis/recommendations/source_code_1/repository_management_1_2/track_forks.yml,sha256=dXB7dVYGRGOgRaqZlpyRtvFnsr8lWHVhl1lHoMeBUs4,3050
+gitlabcis/recommendations/source_code_1/repository_management_1_2/track_project_visibility_status.yml,sha256=WNc8wJZ7cv90zoVndraYAE-T-BqrcfBDKslTgyAAi70,3648
+gitlabcis/recommendations/source_code_1/third_party_1_4/README.md,sha256=BXIC4OdjYfb6Ocuv-Gbwk0WBrbb1t1XlUYM_zie6Zuc,824
+gitlabcis/recommendations/source_code_1/third_party_1_4/admin_approval_for_app_installs.yml,sha256=z__hnGYcS-ZjitNIXYh5b7JuvXdATixu7eJ7E4hXQ84,3557
+gitlabcis/recommendations/source_code_1/third_party_1_4/least_privilge_app_permissions.yml,sha256=iw2m0A3PIlfqH0d4YXJ7E8wn9SANwotSHhydIlMoXTU,5088
+gitlabcis/recommendations/source_code_1/third_party_1_4/secure_webhooks.yml,sha256=282UA-Q4-9YtfHPMAxKXMg0l9csPyCK1473jMyKNG3Y,2887
+gitlabcis/recommendations/source_code_1/third_party_1_4/stale_app_reviews.yml,sha256=J-hrQDz_Ubo4sUkLySCTAyGAfZ5s37pKVXFqwrq_p8o,2897
+gitlabcis/tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+gitlabcis/tests/input/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+gitlabcis/tests/input/conftest.py,sha256=U0o0qtgkyfWw4GCZxkMeF5NJVu_YY2fmLs0E0RccHk4,780
+gitlabcis/tests/input/no_input_test.py,sha256=2rHCRlatPspewlIEBVWrlPTRRiOFLABLQ72U3QxjCw0,2407
+gitlabcis/tests/input/switch_test.py,sha256=H78FdeI3VWknkXpVGEuLxVVTh0jaVsjDol7CXspPCEw,582
+gitlabcis/tests/input/version_test.py,sha256=oLCSZggZJQT3XWptKxEdyQ9lG9NcD6jUicNe6DmUmg4,209
+gitlabcis/tests/unit/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+gitlabcis/tests/unit/conftest.py,sha256=NGGh8riPhZPEHYoDcJcYb5kZ6100f3g8V2ma09P3urM,2524
+gitlabcis/tests/unit/benchmarks/conftest.py,sha256=4OkUuTEferdcG2AZ3E4pkdBXpggX4JVn7bUPKYMIRN4,1261
+gitlabcis/tests/unit/benchmarks/function_test.py,sha256=aeATzQ2ORYC9AQTfAIQBrD6J1y-C_2XUdS2tk-it2zI,718
+gitlabcis/tests/unit/benchmarks/artifacts_4/access_to_artifacts_4_2_test.py,sha256=9JkP4hLyV4TXgsB4wfSx7C82ck445Yx5B54G4Nen3lQ,4051
+gitlabcis/tests/unit/benchmarks/artifacts_4/origin_traceability_4_4_test.py,sha256=bN0ci7TGjbTb9T7NZYtrjJ_-oJMe6nDmZ9m2G35faAM,436
+gitlabcis/tests/unit/benchmarks/artifacts_4/package_registries_4_3_test.py,sha256=E71x98DUxqRYVk8K4M4K5_w_ik82kXDS4QE4CYAz6P8,3400
+gitlabcis/tests/unit/benchmarks/artifacts_4/verification_4_1_test.py,sha256=RN2Bn4FDkwJAzxHL0VBRtNO2a9zG00CR9qhNemJAsN0,2512
+gitlabcis/tests/unit/benchmarks/build_pipelines_2/build_environment_2_1_test.py,sha256=DATammWnfbrHfM-eARZTFtIwSQP2MLFvbAAHgzgWkxE,7283
+gitlabcis/tests/unit/benchmarks/build_pipelines_2/build_worker_2_2_test.py,sha256=XZ5YGGRohr0l0qJrtFCtMffezTcZIBMv1Cp5MaNuwkQ,3134
+gitlabcis/tests/unit/benchmarks/build_pipelines_2/pipeline_instructions_2_3_test.py,sha256=OvcXGivlpuToNqvapEPrqHkF8i5aD8EpMn0TrAdcCPs,10929
+gitlabcis/tests/unit/benchmarks/build_pipelines_2/pipeline_integrity_2_4_test.py,sha256=EyF9uIVcmS5-kS3buZLA_eNaJj4lAT2KZu9NHvmzMWE,3644
+gitlabcis/tests/unit/benchmarks/dependencies_3/third_party_packages_3_1_test.py,sha256=qaW11GDI99OhRj4zFFz5s92x1X5hCFfgsQmbuBORHW4,3844
+gitlabcis/tests/unit/benchmarks/dependencies_3/validate_packages_3_2_test.py,sha256=MZBMINRDBjNycdYCCuejI2o8AXlD8o0HxFPLdx8xTC8,5534
+gitlabcis/tests/unit/benchmarks/deployment_5/deployment_configuration_5_1_test.py,sha256=kcD_6rqY0vwmrtRd3O_dIV7TkDZEB6eiQE6QiLCZSCM,4859
+gitlabcis/tests/unit/benchmarks/deployment_5/deployment_environment_5_2_test.py,sha256=RU_48joVHYsiNyQY7mmrt1tn-cz_e3ybsCUXg_IdANI,1869
+gitlabcis/tests/unit/benchmarks/source_code_1/code_changes_1_1_test.py,sha256=bkvGNcdljYfIMOMVgbF0WcK7g1ciT4j5IF-WRt5IC7o,18341
+gitlabcis/tests/unit/benchmarks/source_code_1/code_risks_1_5_test.py,sha256=52yV4KI_xI3wWIBrAO1CBuYUSf3GwljmVnc_pf4UZhA,12729
+gitlabcis/tests/unit/benchmarks/source_code_1/contribution_access_1_3_test.py,sha256=j35Zka8Phv6KHq3zmMtT34i12TqH5h5dtAYKlLKdBno,8518
+gitlabcis/tests/unit/benchmarks/source_code_1/repository_management_1_2_test.py,sha256=7hyfmwPBUKAxB7ZsSOgvE-_z4B4wkp3PAgK_VOUyjHw,4295
+gitlabcis/tests/unit/benchmarks/source_code_1/third_party_1_4_test.py,sha256=RluWJ2h0geVaCceqXgHucXPGsxdDx2wOCa47RTbrObI,3602
+gitlabcis/tests/unit/log/log_test.py,sha256=Fcv_joJvyKLcqRyZGuKhbp40taLA5osCEroj8wQi72M,680
+gitlabcis/tests/unit/utils/argfilters_test.py,sha256=5_krihG9DDaqB4k4OyCvr1cmuVTs1XjkaAhqSAn_FEc,301
+gitlabcis/tests/unit/utils/ci_test.py,sha256=Jz-N9h7bDkEVChgEccu569TZYfbGCCcl-TunBPPl2qE,5953
+gitlabcis/tests/unit/utils/output_test.py,sha256=dOzDALWvue-c5b85WPwed94Wm9lDyNHlJE1SQfbPzkE,2403
+gitlabcis/tests/unit/utils/utils_general_test.py,sha256=3HgQz1NYAAYiZRJqnad3Tj7_HTh0udjZ0GK-uojmpxo,5086
+gitlabcis/tests/unit/utils/version_test.py,sha256=vVcwIXGGJhbr-XUsOz5GHzDcjWEWdWBrhl0Lwv5yG3Y,304
+gitlabcis/tests/unit/yaml/bad_file_test.py,sha256=kjYZzuG2rEbUXCJ9O0GaaZpv6GDgGfFm0MfZjRjAPFs,386
+gitlabcis/tests/unit/yaml/recommendation_test.py,sha256=CzbGY7uVh3LoUEDbJkLbuEQIbGlE4tQsQiH5Vl1vhoE,3749
+gitlabcis/utils/__init__.py,sha256=pQi8BlSoYtQK86AFAcEXQU6KEf5iHYoywNW71zphguY,4861
+gitlabcis/utils/ci.py,sha256=xSk93cyvM37eHG_IvU4F3jI4oc7VuA7-XEm-tV4_Dq0,4456
+gitlabcis-1.3.2.dist-info/LICENSE,sha256=fspfaqYqKWU3czicuu6ddu7kxbYmxfTWuLks1whX3_Q,1075
+gitlabcis-1.3.2.dist-info/METADATA,sha256=QsjgBhNB14kmMC51bVqNyHBr3t1bDKPVA8FB3LoEQVU,12715
+gitlabcis-1.3.2.dist-info/WHEEL,sha256=OVMc5UfuAQiSplgO0_WdW7vXVGAt9Hdd6qtN4HotdyA,91
+gitlabcis-1.3.2.dist-info/entry_points.txt,sha256=ETjcAwWWAKIAsd8YKD2kvHJ80TmfO62T1-BrZ31TX98,54
+gitlabcis-1.3.2.dist-info/top_level.txt,sha256=-X1OkNa0H0W5KwER3cd5n2KZkLqEmEP9QpgOK0Q8E4w,10
+gitlabcis-1.3.2.dist-info/RECORD,,

gitlabcis-1.3.2.dist-info/WHEEL ADDED Viewed

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: setuptools (75.2.0)
+Root-Is-Purelib: true
+Tag: py3-none-any

gitlabcis-1.3.2.dist-info/entry_points.txt ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ [console_scripts]
2	+ gitlabcis = gitlabcis.cli.main:main

gitlabcis-1.3.2.dist-info/top_level.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+ gitlabcis