From 71536bd956ae3849e90ee7eef053c5aa108753b7 Mon Sep 17 00:00:00 2001 
From: sg
Date: Mon, 28 Oct 2024 13:38:13 +0000
Subject: [PATCH] set all component maturity to experimental in preparation for adding graduation criteria

---
 components/consumers/arangodb/task.yaml | 1 +
 components/consumers/aws-s3/task.yaml | 1 +
 components/consumers/bigquery/task.yaml | 1 +
 components/consumers/defectdojo/task.yaml | 1 +
 components/consumers/dependency-track/task.yaml | 1 +
 components/consumers/elasticsearch/task.yaml | 1 +
 components/consumers/jira/task.yaml | 1 +
 components/consumers/mongodb/task.yaml | 1 +
 components/consumers/pdf/task.yaml | 1 +
 components/consumers/slack/task.yaml | 1 +
 components/consumers/stdout-json/task.yaml | 1 +
 components/enrichers/codeowners/task.yaml | 1 +
 components/enrichers/custom-annotation/task.yaml | 1 +
 components/enrichers/deduplication/task.yaml | 1 +
 components/enrichers/depsdev/task.yaml | 1 +
 components/enrichers/policy/task.yaml | 1 +
 components/enrichers/reachability/task.yaml | 1 +
 components/producers/brakeman/task.yaml | 3 ++-
 components/producers/cdxgen/task.yaml | 1 +
 components/producers/checkov/task.yaml | 1 +
 components/producers/dependency-check/task.yaml | 1 +
 components/producers/dependency-track/task.yaml | 1 +
 components/producers/docker-trivy/task.yaml | 1 +
 components/producers/github-codeql/task.yaml | 1 +
 components/producers/github-dependabot/task.yaml | 1 +
 components/producers/golang-gosec/task.yaml | 1 +
 components/producers/golang-nancy/task.yaml | 1 +
 components/producers/java-findsecbugs/task.yaml | 1 +
 components/producers/kics/task.yaml | 1 +
 components/producers/ossf-scorecard/task.yaml | 1 +
 components/producers/python-bandit/task.yaml | 1 +
 components/producers/python-pip-safety/task.yaml | 1 +
 components/producers/semgrep/task.yaml | 1 +
 components/producers/snyk-docker/task.yaml | 1 +
 components/producers/snyk-node/task.yaml | 1 +
 components/producers/snyk-python/task.yaml | 1 +
 components/producers/terraform-tfsec/task.yaml | 1 +
 components/producers/testsslsh/task.yaml | 1 +
 components/producers/trufflehog/task.yaml | 1 +
 components/producers/typescript-eslint/task.yaml | 1 +
 components/producers/typescript-yarn-audit/task.yaml | 1 +
 components/producers/zaproxy/task.yaml | 1 +
 42 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/components/consumers/arangodb/task.yaml b/components/consumers/arangodb/task.yaml
index 75b67701b..d80ee47cc 100644
--- a/components/consumers/arangodb/task.yaml
+++ b/components/consumers/arangodb/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: consumer-arangodb
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Pushes findings to an ArangoDB database.
 workspaces:
diff --git a/components/consumers/aws-s3/task.yaml b/components/consumers/aws-s3/task.yaml
index a168e451b..024b2b0f2 100644
--- a/components/consumers/aws-s3/task.yaml
+++ b/components/consumers/aws-s3/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: consumer-aws-s3
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Pushes findings to an S3 bucket.
 volumes:
diff --git a/components/consumers/bigquery/task.yaml b/components/consumers/bigquery/task.yaml
index 2d1f0c1aa..66bc5c61b 100644
--- a/components/consumers/bigquery/task.yaml
+++ b/components/consumers/bigquery/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: consumer-bigquery
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Pushes findings to a BigQuery database.
 volumes:
diff --git a/components/consumers/defectdojo/task.yaml b/components/consumers/defectdojo/task.yaml
index 5aab3931b..2039aad37 100644
--- a/components/consumers/defectdojo/task.yaml
+++ b/components/consumers/defectdojo/task.yaml
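Review bot: The added key `v1.smithy.smithy.security/component/maturity` contains two `/` separators, while a Kubernetes label key allows only one (an optional DNS-subdomain prefix, then a name of at most 63 characters drawn from letters, digits, `-`, `_` and `.`). If these task.yaml files are applied as Kubernetes or Tekton objects (apiVersion and kind sit above the hunk, so this is inferred from the metadata/spec layout), validation would reject the object. The prefix also differs from the `v1.smithy.smithy-security.com/` prefix on the neighbouring labels, so any selector or admission policy keyed on the existing domain will not see the maturity label. A key such as `v1.smithy.smithy-security.com/component-maturity: experimental` (constructed example) would keep one prefix and a valid name. The same line is added in every hunk of this patch, so the point applies to all 42 files.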
@@ -5,6 +5,7 @@ metadata:
 name: consumer-defectdojo
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Pushes findings to a DefectDojo vulnerability management instance.
 params:
diff --git a/components/consumers/dependency-track/task.yaml b/components/consumers/dependency-track/task.yaml
index 3c4ac81f4..903476211 100644
--- a/components/consumers/dependency-track/task.yaml
+++ b/components/consumers/dependency-track/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: consumer-dependency-track
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Pushes findings to a Dependency-Track instance.
 params:
diff --git a/components/consumers/elasticsearch/task.yaml b/components/consumers/elasticsearch/task.yaml
index ae5374634..abd8606e0 100644
--- a/components/consumers/elasticsearch/task.yaml
+++ b/components/consumers/elasticsearch/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: consumer-elasticsearch
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Pushes findings to an Elasticsearch database.
 params:
diff --git a/components/consumers/jira/task.yaml b/components/consumers/jira/task.yaml
index c11402357..4822d9298 100644
--- a/components/consumers/jira/task.yaml
+++ b/components/consumers/jira/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: consumer-jira
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Pushes findings to a Jira instance.
 volumes:
diff --git a/components/consumers/mongodb/task.yaml b/components/consumers/mongodb/task.yaml
index b3504abf0..6be800361 100644
--- a/components/consumers/mongodb/task.yaml
+++ b/components/consumers/mongodb/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: consumer-mongodb
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Pushes findings to a MongoDB database.
 params:
diff --git a/components/consumers/pdf/task.yaml b/components/consumers/pdf/task.yaml
index 1c1620211..838ac1478 100644
--- a/components/consumers/pdf/task.yaml
+++ b/components/consumers/pdf/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: consumer-pdf
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Pushes findings to an S3 bucket as PDFs.
 volumes:
diff --git a/components/consumers/slack/task.yaml b/components/consumers/slack/task.yaml
index 3818a38d1..97a094ff7 100644
--- a/components/consumers/slack/task.yaml
+++ b/components/consumers/slack/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: consumer-slack
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Pushes findings to a Slack channel.
 params:
diff --git a/components/consumers/stdout-json/task.yaml b/components/consumers/stdout-json/task.yaml
index e29a6801f..871f2f03c 100644
--- a/components/consumers/stdout-json/task.yaml
+++ b/components/consumers/stdout-json/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: consumer-stdout-json
 labels:
 v1.smithy.smithy-security.com/component: consumer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Prints findings to stdout in JSON format.
 workspaces:
diff --git a/components/enrichers/codeowners/task.yaml b/components/enrichers/codeowners/task.yaml
index 836f00f5a..59d6436c6 100644
--- a/components/enrichers/codeowners/task.yaml
+++ b/components/enrichers/codeowners/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: enricher-codeowners
 labels:
 v1.smithy.smithy-security.com/component: enricher
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Identifies a code owner for each finding.
 params:
diff --git a/components/enrichers/custom-annotation/task.yaml b/components/enrichers/custom-annotation/task.yaml
index d558e83d7..2c84063b7 100644
--- a/components/enrichers/custom-annotation/task.yaml
+++ b/components/enrichers/custom-annotation/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: enricher-custom-annotation
 labels:
 v1.smithy.smithy-security.com/component: enricher
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Adds a set of custom annotations to all issues that pass through this
 params:
diff --git a/components/enrichers/deduplication/task.yaml b/components/enrichers/deduplication/task.yaml
index 585d08aee..071a9646d 100644
--- a/components/enrichers/deduplication/task.yaml
+++ b/components/enrichers/deduplication/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: enricher-deduplication
 labels:
 v1.smithy.smithy-security.com/component: enricher
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Compares multiple inputs and removes duplicates.
 workspaces:
diff --git a/components/enrichers/depsdev/task.yaml b/components/enrichers/depsdev/task.yaml
index 0ce24c927..fa0dd4ef3 100644
--- a/components/enrichers/depsdev/task.yaml
+++ b/components/enrichers/depsdev/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: enricher-depsdev
 labels:
 v1.smithy.smithy-security.com/component: enricher
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Adds context from deps.dev for each third-party dependency.
 params:
diff --git a/components/enrichers/policy/task.yaml b/components/enrichers/policy/task.yaml
index 3b9c8e125..482c31669 100644
--- a/components/enrichers/policy/task.yaml
+++ b/components/enrichers/policy/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: enricher-policy
 labels:
 v1.smithy.smithy-security.com/component: enricher
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Enforces security policies defined in OPA for each finding.
 sidecars:
diff --git a/components/enrichers/reachability/task.yaml b/components/enrichers/reachability/task.yaml
index e5b08161d..f93dacb68 100644
--- a/components/enrichers/reachability/task.yaml
+++ b/components/enrichers/reachability/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: enricher-reachability
 labels:
 v1.smithy.smithy-security.com/component: enricher
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Performs a reachability check on a supplied repository using AppThreat/atom.
 params:
diff --git a/components/producers/brakeman/task.yaml b/components/producers/brakeman/task.yaml
index cc017d638..390b8df03 100644
--- a/components/producers/brakeman/task.yaml
+++ b/components/producers/brakeman/task.yaml
@@ -6,7 +6,8 @@ metadata:
 labels:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sast
- v1.smithy.smithy-security.com/language: brakeman
+ v1.smithy.smithy-security.com/language: ruby
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Analyse Ruby source code usign brakeman to look for security issues.
 params:
diff --git a/components/producers/cdxgen/task.yaml b/components/producers/cdxgen/task.yaml
index c966765db..eafaf5a1a 100644
--- a/components/producers/cdxgen/task.yaml
+++ b/components/producers/cdxgen/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sbom
 v1.smithy.smithy-security.com/language: all
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Generate a CycloneDX SBOM from source code.
 params:
diff --git a/components/producers/checkov/task.yaml b/components/producers/checkov/task.yaml
index 6fe4603f3..1324b97bb 100644
--- a/components/producers/checkov/task.yaml
+++ b/components/producers/checkov/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sast
 v1.smithy.smithy-security.com/language: iac
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Analyse IAC source code to look for security issues.
 params:
diff --git a/components/producers/dependency-check/task.yaml b/components/producers/dependency-check/task.yaml
index f78510a54..3d5837f55 100644
--- a/components/producers/dependency-check/task.yaml
+++ b/components/producers/dependency-check/task.yaml
@@ -6,6 +6,7 @@ metadata:
 labels:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sca
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Generate a Dependency-Check report from source code.
 volumes:
diff --git a/components/producers/dependency-track/task.yaml b/components/producers/dependency-track/task.yaml
index 6a6465fff..2aec5cbc2 100644
--- a/components/producers/dependency-track/task.yaml
+++ b/components/producers/dependency-track/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: producer-dependency-track
 labels:
 v1.smithy.smithy-security.com/component: producer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Generate a Dependency-Track report from source code.
 params:
diff --git a/components/producers/docker-trivy/task.yaml b/components/producers/docker-trivy/task.yaml
index 716d6a54a..d349206b9 100644
--- a/components/producers/docker-trivy/task.yaml
+++ b/components/producers/docker-trivy/task.yaml
@@ -6,6 +6,7 @@ metadata:
 labels:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sca
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Generate a Trivy report from a Docker image.
 params:
diff --git a/components/producers/github-codeql/task.yaml b/components/producers/github-codeql/task.yaml
index 408f5a64f..8ef6f9e59 100644
--- a/components/producers/github-codeql/task.yaml
+++ b/components/producers/github-codeql/task.yaml
@@ -6,6 +6,7 @@ metadata:
 labels:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sast
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Retrieve a GitHub Code Scanning report from a GitHub repository.
 params:
diff --git a/components/producers/github-dependabot/task.yaml b/components/producers/github-dependabot/task.yaml
index 86e173b4e..0f0037043 100644
--- a/components/producers/github-dependabot/task.yaml
+++ b/components/producers/github-dependabot/task.yaml
@@ -6,6 +6,7 @@ metadata:
 labels:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sca
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Retrieve a GitHub Code Scanning report from a GitHub repository.
 params:
diff --git a/components/producers/golang-gosec/task.yaml b/components/producers/golang-gosec/task.yaml
index a6d6af468..c4797a78d 100644
--- a/components/producers/golang-gosec/task.yaml
+++ b/components/producers/golang-gosec/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sast
 v1.smithy.smithy-security.com/language: golang
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Analyse Go source code to look for security issues.
 params:
diff --git a/components/producers/golang-nancy/task.yaml b/components/producers/golang-nancy/task.yaml
index 10d6abac7..67151347c 100644
--- a/components/producers/golang-nancy/task.yaml
+++ b/components/producers/golang-nancy/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sca
 v1.smithy.smithy-security.com/language: golang
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Dependency scanner for Golang projects.
 params:
diff --git a/components/producers/java-findsecbugs/task.yaml b/components/producers/java-findsecbugs/task.yaml
index 52b16287d..e516f0646 100644
--- a/components/producers/java-findsecbugs/task.yaml
+++ b/components/producers/java-findsecbugs/task.yaml
@@ -6,6 +6,7 @@ metadata:
 labels:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/language: java
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Generate a FindSecBugs report from source code.
 params:
diff --git a/components/producers/kics/task.yaml b/components/producers/kics/task.yaml
index 53d025347..762312ee6 100644
--- a/components/producers/kics/task.yaml
+++ b/components/producers/kics/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: producer-kics
 labels:
 v1.smithy.smithy-security.com/component: producer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Generate a KICS report from source code.
 volumes:
diff --git a/components/producers/ossf-scorecard/task.yaml b/components/producers/ossf-scorecard/task.yaml
index eeef6615e..db356f243 100644
--- a/components/producers/ossf-scorecard/task.yaml
+++ b/components/producers/ossf-scorecard/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: producer-ossf-scorecard
 labels:
 v1.smithy.smithy-security.com/component: producer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Generates scorecards for open source projects to show how they adhere with best practices.
 params:
diff --git a/components/producers/python-bandit/task.yaml b/components/producers/python-bandit/task.yaml
index fa07185bc..7debd5837 100644
--- a/components/producers/python-bandit/task.yaml
+++ b/components/producers/python-bandit/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sast
 v1.smithy.smithy-security.com/language: python
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: SAST scanner that analyses Python source code to look for security issues.
 volumes:
diff --git a/components/producers/python-pip-safety/task.yaml b/components/producers/python-pip-safety/task.yaml
index 0246b6072..e36246852 100644
--- a/components/producers/python-pip-safety/task.yaml
+++ b/components/producers/python-pip-safety/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sca
 v1.smithy.smithy-security.com/language: python
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Dependency scanner for Python projects.
 params:
diff --git a/components/producers/semgrep/task.yaml b/components/producers/semgrep/task.yaml
index d00840401..c9aed72df 100644
--- a/components/producers/semgrep/task.yaml
+++ b/components/producers/semgrep/task.yaml
@@ -6,6 +6,7 @@ metadata:
 labels:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sast
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Analyse source code using Semgrep to look for security issues.
 params:
diff --git a/components/producers/snyk-docker/task.yaml b/components/producers/snyk-docker/task.yaml
index ad6f180ac..4eb48e2c0 100644
--- a/components/producers/snyk-docker/task.yaml
+++ b/components/producers/snyk-docker/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sast
 v1.smithy.smithy-security.com/language: docker
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 params:
 - name: producer-snyk-docker-api-key
diff --git a/components/producers/snyk-node/task.yaml b/components/producers/snyk-node/task.yaml
index 8caa9214d..481714c83 100644
--- a/components/producers/snyk-node/task.yaml
+++ b/components/producers/snyk-node/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sast
 v1.smithy.smithy-security.com/language: docpythoner
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 params:
 - name: producer-snyk-node-api-key
diff --git a/components/producers/snyk-python/task.yaml b/components/producers/snyk-python/task.yaml
index f928c9793..34f1b87a7 100644
--- a/components/producers/snyk-python/task.yaml
+++ b/components/producers/snyk-python/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sast
 v1.smithy.smithy-security.com/language: docpythoner
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 params:
 - name: producer-snyk-python-api-key
diff --git a/components/producers/terraform-tfsec/task.yaml b/components/producers/terraform-tfsec/task.yaml
index 3534033bf..5158970b1 100644
--- a/components/producers/terraform-tfsec/task.yaml
+++ b/components/producers/terraform-tfsec/task.yaml
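Review bot: The snyk-node and snyk-python hunks leave `v1.smithy.smithy-security.com/language: docpythoner` in place as context, which looks like the residue of a bad search-and-replace rather than a real language value. This commit already corrects the equivalent label for brakeman (`brakeman` to `ruby`), so the same cleanup belongs here; anything that selects scanners by the language label would otherwise pass over both Snyk producers without reporting it. For snyk-python the value is presumably `v1.smithy.smithy-security.com/language: python`, and for snyk-node whichever value the project uses for JavaScript/Node components. The label blocks start above these hunks, so the full label set should be checked in the files themselves.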
@@ -5,6 +5,7 @@ metadata:
 name: producer-terraform-tfsec
 labels:
 v1.smithy.smithy-security.com/component: producer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Generate a Terraform-Tfsec report from source code.
 params:
diff --git a/components/producers/testsslsh/task.yaml b/components/producers/testsslsh/task.yaml
index cb3907204..003406f0d 100644
--- a/components/producers/testsslsh/task.yaml
+++ b/components/producers/testsslsh/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: producer-testsslsh
 labels:
 v1.smithy.smithy-security.com/component: producer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Generate a Testssl.sh report from a target URL.
 params:
diff --git a/components/producers/trufflehog/task.yaml b/components/producers/trufflehog/task.yaml
index dea87358b..ca3d54ce4 100644
--- a/components/producers/trufflehog/task.yaml
+++ b/components/producers/trufflehog/task.yaml
@@ -5,6 +5,7 @@ metadata:
 name: producer-trufflehog
 labels:
 v1.smithy.smithy-security.com/component: producer
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Secret scanner for repositories.
 params:
diff --git a/components/producers/typescript-eslint/task.yaml b/components/producers/typescript-eslint/task.yaml
index ef9c94898..487dd01e8 100644
--- a/components/producers/typescript-eslint/task.yaml
+++ b/components/producers/typescript-eslint/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sast
 v1.smithy.smithy-security.com/language: typescript
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Static analysis for javascript and typescript projects.
 params:
diff --git a/components/producers/typescript-yarn-audit/task.yaml b/components/producers/typescript-yarn-audit/task.yaml
index 9747ec644..d004bb1e0 100644
--- a/components/producers/typescript-yarn-audit/task.yaml
+++ b/components/producers/typescript-yarn-audit/task.yaml
@@ -7,6 +7,7 @@ metadata:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: sca
 v1.smithy.smithy-security.com/language: typescript
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: Dependency scanner for Node.js projects.
 volumes:
diff --git a/components/producers/zaproxy/task.yaml b/components/producers/zaproxy/task.yaml
index 837bf011d..32cd71640 100644
--- a/components/producers/zaproxy/task.yaml
+++ b/components/producers/zaproxy/task.yaml
@@ -6,6 +6,7 @@ metadata:
 labels:
 v1.smithy.smithy-security.com/component: producer
 v1.smithy.smithy-security.com/test-type: dast
+ v1.smithy.smithy.security/component/maturity: experimental
 spec:
 description: DAST scanner that analyses web applications for security issues.
 params: