Removed security insights field (#190)

* Removed security insights field * Removed from template: SecurityInsightsValue Signed-off-by: Eddie Knight <knight@linux.com>
ossf · Feb 18, 2025 · 7b48206 · 7b48206
1 parent d85b35d
commit 7b48206
Show file tree

Hide file tree

Showing 10 changed files with 8 additions and 66 deletions.
diff --git a/baseline/OSPS-AC.yaml b/baseline/OSPS-AC.yaml
@@ -36,7 +36,6 @@ criteria:
       SSDF: PO3.2, PS1
       CSF: PR.AA-02
       OCRE: 486-813, 124-564, 347-352, 333-858, 152-725, 201-246
-    security_insights_value: # TODO
 
 
   - id: OSPS-AC-02
@@ -61,7 +60,6 @@ criteria:
       SSDF: PO3.2, PS1
       CSF: PR:AA-02
       OCRE: 486-813, 124-564, 802-056, 368-633, 152-725 
-    security_insights_value: # TODO
 
 
   - id: OSPS-AC-03
@@ -95,7 +93,6 @@ criteria:
       SSDF: PO3.2, PS1
       CSF: PR.AA-02
       OCRE: 486-813, 124-564, 152-725
-    security_insights_value: # TODO
 
   - id: OSPS-AC-04
     maturity_level: 1
@@ -117,7 +114,6 @@ criteria:
       SSDF: PO3.2, PS1
       CSF: PR.AA-02
       OCRE: 486-813, 124-564,123-124, 152-725
-    security_insights_value: # TODO
 
   - id: OSPS-AC-05
     maturity_level: 2
@@ -144,7 +140,6 @@ criteria:
       SSDF: PO2, PO3.2, PS1
       CSF: PR.AA-02, PR.AA-05
       OCRE: 486-813, 124-564,347-507, 263-284, 123-124
-    security_insights_value: # TODO
 
 
   - id: OSPS-AC-07
@@ -173,4 +168,3 @@ criteria:
       SSDF: PO3.2, PS1
       CSF: PR.AA-02
       OCRE: 486-813, 124-564,333-858, 102-811, 354-752
-    security_insights_value: # TODO
diff --git a/baseline/OSPS-BR.yaml b/baseline/OSPS-BR.yaml
@@ -30,7 +30,6 @@ criteria:
       SSDF: PO3.2, PS1
       CSF: PR.AA-02
       OCRE: 483-813, 124-564, 357-352
-    security_insights_value: # TODO
 
   - id: OSPS-BR-02
     maturity_level: 2
@@ -57,7 +56,6 @@ criteria:
       CRA: 1.2f
       SSDF: PO3.2, PS1, PS2, PS3
       OCRE: 483-813, 124-564
-    security_insights_value: # TODO
 
   - id: OSPS-BR-03
     maturity_level: 1
@@ -80,7 +78,6 @@ criteria:
       CRA: 1.2d, 1.2e, 1.2f, 1.2i, 1.2j, 1.2k
       SSDF: PO3.2, PS1
       OCRE: 483-813, 124-564, 263-184
-    security_insights_value: # TODO
 
   - id: OSPS-BR-04
     maturity_level: 2
@@ -104,7 +101,6 @@ criteria:
       CRA: 1.2b, 1.2d, 1.2f, 1.2h, 1.2j
       SSDF: PO3.2, PS1
       OCRE: 483-813, 124-564, 347-352, 263-184, 208-355
-    security_insights_value: project-lifecycle.release-process
 
   - id: OSPS-BR-05
     maturity_level: 2
@@ -131,7 +127,6 @@ criteria:
       CRA: 1.2b, 1.2d, 1.2f, 1.2h, 1.2j, 2.1
       SSDF: PO3.2, PS1
       OCRE: 483-813, 124-564, 347-352, 715-334
-    security_insights_value: # TODO
 
   - id: OSPS-BR-06
     maturity_level: 2
@@ -158,7 +153,6 @@ criteria:
       CRA: 1.2l, 2.2
       SSDF: PS1, PS2, PS3, PW1.2
       OCRE: 483-813, 124-564, 745-356
-    security_insights_value: # TODO
 
   - id: OSPS-BR-08
     maturity_level: 2
@@ -181,8 +175,6 @@ criteria:
       metadata file.
     control_mappings:
       SSDF: PO5.2, PS2.1, PW6.2
-    security_insights_value: 
-      Signed-Releases
 
   - id: OSPS-BR-09
     maturity_level: 1
@@ -205,7 +197,6 @@ criteria:
       CRA: 1.2d, 1.2e, 1.2f, 1.2i, 1.2j, 1.2k
       SSDF: PO3.2, PS1
       OCRE: 483-813, 124-564, 263-184
-    security_insights_value: # TODO
 
   - id: OSPS-BR-10
     maturity_level: 2
@@ -230,4 +221,3 @@ criteria:
       CRA: 1.2d, 1.2e, 1.2f, 1.2i, 1.2j, 1.2k
       SSDF: PO3.2, PS1
       OCRE: 483-813, 124-564, 263-184
-    security_insights_value: # TODO
diff --git a/baseline/OSPS-DO.yaml b/baseline/OSPS-DO.yaml
@@ -32,7 +32,6 @@ criteria:
       CSF: GV.OC-04, GV.OC-05
       OC: 4.1.4
       OCRE: 036-275
-    security_insights_value: # TODO
 
   - id: OSPS-DO-05
     maturity_level: 1
@@ -63,7 +62,6 @@ criteria:
       SSDF: PW1.2, RV1.1, RV2.1, RV1.2
       CSF: RS.MA-02, GV.RM-05
       OC: 4.2.1
-    security_insights_value: # TODO
 
   - id: OSPS-DO-12
     maturity_level: 2
@@ -91,7 +89,6 @@ criteria:
       CRA: 1.2d
       SSDF: PO4.2, PS.2, PS2.1, PS3.1, RV1.3
       OCRE: 171-222 
-    security_insights_value: # TODO
 
   - id: OSPS-DO-13
     maturity_level: 2
@@ -115,7 +112,6 @@ criteria:
       BPB: R-B-3
       SSDF: PO4.2, PS3.1, RV1.3 
       OC: 4.1, 4.3.1
-    security_insights_value: # TODO
 
   - id: OSPS-DO-14
     maturity_level: 3
@@ -139,7 +135,6 @@ criteria:
       CRA: 1.2c, 2.6
       OC: 4.1.1, 4.3.1
       OCRE: 673-475, 053-751
-    security_insights_value: # TODO
 
   - id: OSPS-DO-15
     maturity_level: 2
@@ -165,6 +160,3 @@ criteria:
       BPB: A-S-1
       CRA: 2.1
       OCRE: 613-286, 053-751
-    security_insights_value: 
-      Pinned-Dependencies
-
diff --git a/baseline/OSPS-GV.yaml b/baseline/OSPS-GV.yaml
@@ -26,7 +26,6 @@ criteria:
     control_mappings: 
       BPB: B-S-3, B-S-4
       OCRE: 013-021
-    security_insights_value: # TODO
 
   - id: OSPS-GV-02
     maturity_level: 1
@@ -53,7 +52,6 @@ criteria:
       CSF:
       OC:
       OCRE:
-    security_insights_value: # TODO
 
   - id: OSPS-GV-03
     maturity_level: 1
@@ -75,7 +73,6 @@ criteria:
       BPB: B-B-4, B-S-3, B-B-4+, R-B-1, Q-G-2
       CRA: 1.2l, 2.4
       SSDF: PW1.2
-    security_insights_value: # TODO
 
   - id: OSPS-GV-04
     maturity_level: 2
@@ -104,7 +101,6 @@ criteria:
       BPB: B-B-5, B-S-3, B-B-4+, Q-G-2
       CRA: 1.2l, 2.1, 2.2, 2.5, 2.6
       OC: 4.1.2
-    security_insights_value: # TODO
 
   - id: OSPS-GV-05
     maturity_level: 2
@@ -137,4 +133,3 @@ criteria:
       SSDF: PO2, PO3.2 
       CSF: PR.AA-02, PR.AA-05
       OCRE: 123-124, 152-725
-    security_insights_value: # TODO
diff --git a/baseline/OSPS-LE.yaml b/baseline/OSPS-LE.yaml
@@ -33,7 +33,6 @@ criteria:
       BPB: B-S-1
       CRA: 1.2b, 1.2f
       SSDF: PO3.2, PS1, PW1.2, PW2.1
-    security_insights_value: # TODO
 
   - id: OSPS-LE-02
     maturity_level: 1
@@ -67,7 +66,6 @@ criteria:
       CRA: 1.2b
       SSDF: PO3.2
       CSF: GV.OC-03
-    security_insights_value: # TODO
 
   - id: OSPS-LE-03
     maturity_level: 1
@@ -92,7 +90,6 @@ criteria:
       BPB: B-B-8
       CRA: 1.2b
       SSDF: PO3.2
-    security_insights_value: # TODO
 
   - id: OSPS-LE-04
     maturity_level: 1
@@ -126,4 +123,3 @@ criteria:
       CRA: 1.2b
       SSDF: PO3.2
       CSF: GV.OC-03
-    security_insights_value: # TODO
diff --git a/baseline/OSPS-QA.yaml b/baseline/OSPS-QA.yaml
@@ -32,7 +32,6 @@ criteria:
       CRA: 1.2b, 1.2j
       SSDF: PS1, PS2, PS3, PW1.2
       OCRE: 486-813, 124-564
-    security_insights_value: # TODO
 
   - id: OSPS-QA-02
     maturity_level: 1
@@ -59,7 +58,6 @@ criteria:
       CSF: ID.AM-02, ID.RA-01, ID.RA-08
       OC: 4.1.4
       OCRE: 486-813, 124-564, 757-271
-    security_insights_value: # TODO
 
   - id: OSPS-QA-03
     maturity_level: 1
@@ -84,7 +82,6 @@ criteria:
       CSF: ID.AM-02
       OC: 4.1.5, 4.3.1
       OCRE: 486-813, 124-564, 673-475,863-521, 613-286
-    security_insights_value: # TODO
 
   - id: OSPS-QA-04
     maturity_level: 2
@@ -114,7 +111,6 @@ criteria:
       CRA: 1.2f, 1.2k
       SSDF: PO4.1, PS1
       CSF: ID.IM-02
-    security_insights_value: # TODO
 
   - id: OSPS-QA-05
     maturity_level: 3
@@ -147,7 +143,6 @@ criteria:
       CRA: 1.2b, 1.2f
       SSDF: PO3.2, PO4.1, PS1
       OCRE: 486-813, 124-564
-    security_insights_value: # TODO
 
   - id: OSPS-QA-06
     maturity_level: 2
@@ -174,7 +169,6 @@ criteria:
       CRA: 1.2b
       SSDF: PS1
       OCRE: 486-813, 124-564
-    security_insights_value: # TODO
 
   - id: OSPS-QA-08
     maturity_level: 3
@@ -191,7 +185,6 @@ criteria:
       SSDF: PW8.2
       OC: 4.1.5
       OCRE: 207-435, 088-377
-    security_insights_value: # TODO
 
 
   - id: OSPS-QA-09
@@ -211,7 +204,6 @@ criteria:
       CSF: ID.IM-02
       OC: 4.1.5
       OCRE: 207-435, 088-377
-    security_insights_value: # TODO
 
 
   - id: OSPS-QA-10
@@ -226,7 +218,6 @@ criteria:
     implementation: # TODO
     control_mappings:       
       BPB: B-G-3
-    security_insights_value: # TODO
 
   - id: OSPS-QA-11
     maturity_level: 3
@@ -251,4 +242,3 @@ criteria:
       CSF: ID.AM-01, ID.AM-02
       OC: 4.3.1
       OCRE: 486-813, 124-564, 863-521, 613-286
-    security_insights_value: # TODO
diff --git a/baseline/OSPS-SA.yaml b/baseline/OSPS-SA.yaml
@@ -29,7 +29,6 @@ criteria:
       SSDF: PO.1, PO.2, PO3.2
       CSF: ID.AM-02
       OCRE: 155-155, 326-704, 068-102, 036-275, 162-655
-    security_insights_value: # TODO
 
   - id: OSPS-SA-02
     maturity_level: 2
@@ -61,7 +60,6 @@ criteria:
       CSF: GV.OC-05, ID.AM-01
       OC: 4.1.4
       OCRE: 155-155, 068-102, 072-713, 820-878
-    security_insights_value: # TODO
 
   - id: OSPS-SA-03
     maturity_level: 3
@@ -98,7 +96,6 @@ criteria:
       CSF: ID.RA-01, ID.RA-04, ID.RA-05, DE.AE-07
       OC: 4.1.5
       OCRE: 068-102, 154-031, 888-770
-    security_insights_value: # TODO
 
   - id: OSPS-SA-04
     maturity_level: 2
@@ -137,4 +134,3 @@ criteria:
       CSF: ID.RA-04, ID.RA-05, DE.AE-07
       OC: 4.1.5
       OCRE: 068-102, 307-242, 660-867
-    security_insights_value: # TODO
diff --git a/baseline/OSPS-VM.yaml b/baseline/OSPS-VM.yaml
@@ -33,7 +33,6 @@ criteria:
       CSF: GV.RM-05, GV.RM-06, GV.PO-01, GV.PO-02, ID.RA-01, ID.RA-08, ID.IM-02
       OC: 4.1.5, 4.2.1, 4.3.2
       OCRE: 124-564, 832-555, 611-158, 207-435, 088-377
-    security_insights_value: # TODO
 
   - id: OSPS-VM-02
     maturity_level: 3
@@ -59,7 +58,6 @@ criteria:
       CSF: GV.PO-01, GV.PO-02, ID.RA-01, ID.RA-08
       OC: 4.1.5
       OCRE: 486-813, 833-442, 611-158, 207-435, 088-377
-    security_insights_value: # TODO
 
   - id: OSPS-VM-03
     maturity_level: 2
@@ -88,7 +86,6 @@ criteria:
       CSF: GV.PO-01, GV.PO-02, ID.RA-01, ID.RA-08
       OC: 4.1.5, 4.2.1, 4.3.2
       OCRE: 887-750
-    security_insights_value: # TODO
 
   - id: OSPS-VM-04
     maturity_level: 3
@@ -117,7 +114,6 @@ criteria:
       SSDF: PO4.1, RV1.2, RV2.1, RV2.2
       OC: 4.1.5
       OCRE: 486-813, 124-564, 757-271
-    security_insights_value: # TODO
 
   - id: OSPS-VM-05
     maturity_level: 1
@@ -141,7 +137,6 @@ criteria:
       CSF: GV.PO-01, GV.PO-02, ID.RA-01
       OC: 4.1.1, 4.1.3, 4.1.5, 4.2.2
       OCRE: 464-513
-    security_insights_value: # TODO
 
   - id: OSPS-VM-06
     maturity_level: 2
@@ -161,7 +156,6 @@ criteria:
       BPB:
       CRA: 1.2a, 1.2b, 2.1, 2.4, 2.6
       OCRE: 308-514
-    security_insights_value: # TODO
 
   - id: OSPS-VM-07
     maturity_level: 2
@@ -179,4 +173,3 @@ criteria:
       vulnerable, and instructions for mitigation or remediation.
     control_mappings:
       CRA: 1.2a, 1.2b, 2.1, 2.4, 2.6
-    security_insights_value: # TODO