There is a risk that we confuse the reader due to using the exact same ID + TITLE as MITRE. This issue is to discuss options before creating a PR to apply the changes.
Allow exceptions to bubble up and handle exceptions at the right level in the stack.
Each except block must ensure that the program continues only with formally specified behavior by either:
.....
The product detects a specific error, but takes no actions to handle the error.
We must make clear that pySCG is not MITRE. Using the same ID+TITLE format also causes issues when referencing between different pySCG rules. We also avoid confusion when mixing links between MITRE Pillars and pySCG on the main readme.md file.
We like to keep:
The folder structure to avoid breaking links
Avoid the need for scraping to avoid breaking links.
Keep an overview of direct relations between pySCG and CWE
Renaming titles could be beneficial to pySCG as it allows us to use more documentation-friendly "Do's" rather than "Don'ts".
For example, reading:
CWE-390: Detection of Error Condition without Action
vs reading
CWE-390: Detection of Error Condition Without Action
Option A)
We remove the ID from all titles and add a column with the CWE to the main readme.md
Optional renaming of titles.
Example CWE-390: Detection of Error Condition without Action would become Detection of Error Condition without Action.
Add a CWE column to the main readme.md example
Folders remain as is.
Option B)
Remove MITRE ID from title and rename titles to "Do's", link to MITRE in first line of a rule and change main readme as per Option A)
Keep folder structure as is.
Example CWE-390: Detection of Error Condition without Action would become Allow exceptions to bubble up and handle exceptions at the right level in the stack.
Option C)
Replace MITRE CWE prefix with pySCG, remove prefix from folders, quote CWE in main readme as in option A
Example CWE-390: Detection of Error Condition without Action would become pySCG-390: Detection of Error Condition without Action
Its folder would have to change from CWE-703/CWE-390 to pySCG-703/pySCG-390.