Skip to content

Ajout du référentiel Loi 05-20 (Maroc) #2818

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 5,424 commits into
base: main
Choose a base branch
from
Open

Ajout du référentiel Loi 05-20 (Maroc) #2818

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5424 commits
Select commit Hold shift + click to select a range
ab814c8
feat: check serializer data before scenario perform write method
Mohamed-Hacene Dec 23, 2024
4ba2b60
Add a tag for accepted risks (#1229)
Mohamed-Hacene Dec 23, 2024
355ff10
Leverage RBAC for global settings
nas-tabchiche Dec 23, 2024
bd8a7e9
Leverage RBAC for global settings (#1234)
Mohamed-Hacene Dec 23, 2024
a2583c4
hotfix: applied controls creation from risk scenario edit view (#1232)
nas-tabchiche Dec 23, 2024
0833b9c
Feat/disable steps ebios (#1236)
Mohamed-Hacene Dec 23, 2024
48ca9c0
feat: improve scenario name and description (#1240)
Mohamed-Hacene Dec 23, 2024
79072b7
Specify label for EBIOS RM tile links (#1235)
nas-tabchiche Dec 23, 2024
51c53f1
Add redirect URL to risk scenario edit form action (#1239)
nas-tabchiche Dec 23, 2024
a09e526
fix: strip on empty objects (#1242)
Mohamed-Hacene Dec 23, 2024
ecfe82b
Integrate new breadcrumbs with command palette (#1238)
nas-tabchiche Dec 23, 2024
677cf6a
Fill EBIOS RM study summary tile (#1243)
nas-tabchiche Dec 23, 2024
b2bd004
Run invalidateAll on EBIOS RM workshop state change (#1237)
nas-tabchiche Dec 23, 2024
873e064
impact graph (#1231)
ab-smith Dec 24, 2024
7ef0832
Add Standards for Safeguarding Customer Information by the Federal Tr…
ImanABS Dec 24, 2024
50d6b43
feat: disable pointer events on sidebar when closed (#1241)
Axxiar Dec 24, 2024
067575f
Update README.md (#1244)
eric-intuitem Dec 24, 2024
5b0e6fa
Rename threat columns to plural threats
nas-tabchiche Dec 24, 2024
4a66714
Order risk scenarios by ref_id in risk assessment PDF export
nas-tabchiche Dec 24, 2024
c775968
Fix display issue on unassessed scenarios
nas-tabchiche Dec 24, 2024
127f1c9
chore: ruff format
nas-tabchiche Dec 24, 2024
5dc2620
CA 733 properly sort items in risk assessment pdf export (#1246)
Mohamed-Hacene Dec 24, 2024
ca2b4d8
Rename uploaded artifacts in GitHub actions
nas-tabchiche Dec 24, 2024
b8cd83a
Merge branch 'main' into CA-661-git-hub-actions-find-better-names-for…
nas-tabchiche Dec 24, 2024
2f3b693
Fix flash mode and table mode shortcuts interfering with inputs (#1250)
nas-tabchiche Dec 24, 2024
24cb967
Feat/add ebios help texts (#1249)
Mohamed-Hacene Dec 24, 2024
4affdec
add non-root user to frontend and backend containers (#1228)
eric-intuitem Dec 25, 2024
67a3287
Internationalize CSF functions and add french translation (#1252)
nas-tabchiche Dec 25, 2024
a3befc3
Add page title to library detail
nas-tabchiche Dec 25, 2024
90b923f
Add page title to experimental
nas-tabchiche Dec 25, 2024
c65c877
read all navdata for now
ab-smith Dec 25, 2024
2e307b4
Fix keyboard shortcuts
ab-smith Dec 25, 2024
cf00d7d
ebios stakeholders radar (#1251)
ab-smith Dec 25, 2024
cc6dfa5
extra links palette and kbr shortcuts (#1254)
ab-smith Dec 25, 2024
3dc1d84
Rename uploaded artifacts in GitHub actions (#1247)
Mohamed-Hacene Dec 26, 2024
90d2d8f
Merge branch 'main' into hotfix/navigation-base-page-title
nas-tabchiche Dec 26, 2024
ba3cdb6
feat: add ecosystem radar to ebios study
Mohamed-Hacene Dec 26, 2024
fc4bb86
style: use ebios support colors
Mohamed-Hacene Dec 26, 2024
3f9201d
feat: filter stakeholders in study ecosystem chart
Mohamed-Hacene Dec 26, 2024
863ce60
chore: format
Mohamed-Hacene Dec 26, 2024
2603ab7
better ui on experimental tab on click (#1260)
melinoix Dec 26, 2024
590eb51
feat: redirect to last risk analysis in ebios workshop 5 (#1256)
Mohamed-Hacene Dec 26, 2024
e3bdd8c
back to the official colors
ab-smith Dec 26, 2024
4b7d5d2
Add eco radar ebios study (#1261)
ab-smith Dec 26, 2024
1000f89
[PRO] priority review matrix (#1255)
ab-smith Dec 26, 2024
4b7e5bd
add audit table progress (#1264)
ab-smith Dec 26, 2024
4d49cf8
Keep lines breaks on Flash mode and improve readibility (#1263)
ab-smith Dec 27, 2024
b4cd6ad
Refactor and update deps
ab-smith Dec 27, 2024
5c21be5
Align more files
ab-smith Dec 27, 2024
0f37f5c
Fix evidence management in applied control detail (#1265)
nas-tabchiche Dec 27, 2024
5feeeb0
Sanitize branch name before generating uploaded artifact file name (#…
nas-tabchiche Dec 27, 2024
4a3a2fb
Merge branch 'main' into hotfix/navigation-base-page-title
ab-smith Dec 27, 2024
1af2a58
Bump jinja2 from 3.1.4 to 3.1.5 in /backend (#1257)
dependabot[bot] Dec 27, 2024
37dadf3
feat: put question mode by default only for third party user (#1267)
Mohamed-Hacene Dec 27, 2024
0c5812d
hotfix: gravity/likelihood display when no hexcolor (#1268)
Mohamed-Hacene Dec 27, 2024
cb7c6f2
fix: add dynamically controls in scenario
Mohamed-Hacene Dec 27, 2024
edfbc87
fix: reload stakeholder edit page after control creation
Mohamed-Hacene Dec 27, 2024
1a3093f
fix warning placeholder
ab-smith Dec 27, 2024
120596b
Restructure navigation and expose new insights
ab-smith Dec 27, 2024
6121c22
formatting EE
ab-smith Dec 27, 2024
da01a30
chore: format front
Mohamed-Hacene Dec 27, 2024
d8f1e13
fix: remove ending slashes in nav data href
Mohamed-Hacene Dec 27, 2024
d0ccdde
explicit values for now
ab-smith Dec 27, 2024
05d0b8d
Feat/add controls dynamically stakeholders scenarios (#1269)
ab-smith Dec 27, 2024
ae6d5a8
enterprise fixes (#1270)
ab-smith Dec 27, 2024
9f33697
ebios: add more qualifications to Feared events (#1271)
Mohamed-Hacene Dec 27, 2024
5f3942f
Refactor and update CI deps (#1266)
Mohamed-Hacene Dec 27, 2024
fb150f6
Add Mapping from Adobe CCF v5 to ISO 27001: 2022 (#1248)
ImanABS Dec 28, 2024
a373fef
fix: $value calculated onMount in autocomplete select (#1272)
Mohamed-Hacene Dec 28, 2024
4238e0f
Increase wait time for initialisation to cover slow devices
ab-smith Dec 29, 2024
9906654
Increase wait time for initialisation to cover slow devices (#1274)
ab-smith Dec 29, 2024
435ea91
increase wait during initialization
ab-smith Dec 29, 2024
8301cd9
increase wait during initialization (#1276)
ab-smith Dec 29, 2024
8f64a1f
Revert non-root docker user until further rework
ab-smith Dec 30, 2024
eaf175e
Revert non-root docker user until further rework (#1277)
ab-smith Dec 30, 2024
4dbe879
Alter Professional to Competitor
ab-smith Dec 30, 2024
ab605c3
Update data-model.md
eric-intuitem Dec 30, 2024
d7e1948
chore: remove unused translations
Mohamed-Hacene Dec 30, 2024
d1416f8
Ebios: Alter Professional to Competitor (#1279)
Mohamed-Hacene Dec 30, 2024
7d6bea3
Specify internationalisation strategy (#1281)
Mohamed-Hacene Dec 30, 2024
86b3a87
hotfix: handle ro to translation in detail view (#1282)
Mohamed-Hacene Dec 30, 2024
c6ffcd6
feat: update roles with ebios permissions (#1280)
Mohamed-Hacene Dec 30, 2024
6c9229e
hotfix: remove ebios-rm table edit button (#1283)
Mohamed-Hacene Dec 30, 2024
8cccab1
minor translation fix (#1284)
ab-smith Dec 30, 2024
1bafaec
Remove obsolete workaround
nas-tabchiche Dec 31, 2024
ab97e07
chore: Remove dead code
nas-tabchiche Dec 31, 2024
dff178c
Merge branch 'main' into hotfix/navigation-base-page-title
nas-tabchiche Dec 31, 2024
b1a4df9
Fix applied control create form error handling in risk scenario updat…
nas-tabchiche Dec 31, 2024
a3c01db
Fix functional tests workflow name
nas-tabchiche Dec 31, 2024
2574487
Move back getPageTitle call to reactive statement
nas-tabchiche Dec 31, 2024
6641b21
Require stakeholder category field (#1288)
nas-tabchiche Dec 31, 2024
f7477ea
Add related objects to the applied control detail view
monsieurswag Dec 31, 2024
de9e21e
Add Spanish translation of DORA (dora.xlsx) (#1290)
thidalgosalvador Dec 31, 2024
17cdee2
Create YAML for DORA Spanish translation provided by thidalgosalvador…
eric-intuitem Dec 31, 2024
7c8ed3b
Add Spanish translation NIS2 Annex 2024/2690 (#1293)
thidalgosalvador Jan 1, 2025
68e65b4
Enabler for Indonesian translation - note: paraglide uses IETF BCP 47
ab-smith Jan 1, 2025
cb46a23
Language file
ab-smith Jan 1, 2025
3712185
Fix czech code
ab-smith Jan 1, 2025
682daac
Clean up
ab-smith Jan 1, 2025
12cffc0
Indonesian translation (#1295)
ab-smith Jan 1, 2025
bc2f9a5
Update README.md
ab-smith Jan 1, 2025
3f16a53
Add OWASP's checklist for LLM governance (#1292)
ab-smith Jan 1, 2025
d487d2e
Update README.md
ab-smith Jan 1, 2025
eb5ac43
Update features illustration
ab-smith Jan 1, 2025
c52fb0b
Support question-only requirements
monsieurswag Jan 2, 2025
6d35b29
Fix filter popup closing when clicking bug
monsieurswag Jan 3, 2025
747e965
Doing a dedicated PR for this would be stupid
monsieurswag Jan 3, 2025
1fd9902
Fix typo on README.md (#1305)
za Jan 3, 2025
3288ac1
Prevent assigning parent assets to primary assets (#1302)
nas-tabchiche Jan 3, 2025
df8b758
Fix functional tests workflow name (#1287)
Mohamed-Hacene Jan 3, 2025
4b59814
Add related objects to the applied control detail view (#1289)
Mohamed-Hacene Jan 3, 2025
32e2f4e
Hotfix/navigation base page title (#1259)
Mohamed-Hacene Jan 3, 2025
670be9f
Fix error handling on nested create modals (#1286)
Mohamed-Hacene Jan 3, 2025
c2bc28b
chore: remove comment
Mohamed-Hacene Jan 3, 2025
1d47630
Ca 746 clicking on the box of the filter closes it it should only clo…
Mohamed-Hacene Jan 3, 2025
b5ca4c7
Spanish translation for NIS2 2024/2690 annex (#1294)
ab-smith Jan 3, 2025
ca209d5
Sort security objectives and disaster recovery objectives based on de…
nas-tabchiche Jan 3, 2025
8e4ea59
Sort security objectives and disaster recovery objectives based on de…
Mohamed-Hacene Jan 3, 2025
1182436
hotfix: check urn before importing dependencies (#1300)
Mohamed-Hacene Jan 3, 2025
4e3ca74
Revert "hotfix: check urn before importing dependencies" (#1307)
ab-smith Jan 3, 2025
1edbaf0
NIS2 Translation to Spanish (#1303)
thidalgosalvador Jan 3, 2025
049f83f
Hotfix/deprecated urn stored library (#1308)
ab-smith Jan 3, 2025
351b98f
create superuser after library creations (#1310)
eric-intuitem Jan 4, 2025
ae089eb
NIS2 Spanish translation yaml (#1309)
ab-smith Jan 4, 2025
9823770
Update README.md
ab-smith Jan 4, 2025
f11371c
Update README.md
ab-smith Jan 5, 2025
b2760bf
Fix severity and likelihood display when no hexcolor is defined in Ri…
nas-tabchiche Jan 6, 2025
dc095b3
Add applied_controls to RequirementAssessmentViewSet.filterset_fields
nas-tabchiche Jan 6, 2025
72cd9da
Add applied_controls to StakeholderViewSet.filterset_fields
nas-tabchiche Jan 6, 2025
77e3cd9
Add applied_controls to VulnerabilityViewSet.filterset_fields
nas-tabchiche Jan 6, 2025
e97d49a
Only display linked evidence in applied control detail
nas-tabchiche Jan 6, 2025
1468aa4
chore: ruff format
nas-tabchiche Jan 6, 2025
f461258
Fix filtering and display of linked objects in applied control detail…
nas-tabchiche Jan 6, 2025
d16acfb
Cap criticality to 16 in StakeholderSchema (#1315)
nas-tabchiche Jan 6, 2025
27761a3
Add score in table mode
monsieurswag Jan 6, 2025
ef63e51
Include search params in edit next URL when coming from list
nas-tabchiche Jan 6, 2025
10ece5b
Fix error when analyst creates asset (#1322)
eric-intuitem Jan 7, 2025
93dab82
Align production docker compose with regular compose and remove DEBUG…
nas-tabchiche Jan 7, 2025
db55940
Fix question not being displayed in framework and libary detail views
monsieurswag Jan 7, 2025
c5fb71b
Set framework page title to framework name
nas-tabchiche Jan 7, 2025
8c80046
Update trimBreadcrumbsToCurrentPath predicates
nas-tabchiche Jan 7, 2025
6d86023
Support question-only requirements (#1297)
monsieurswag Jan 7, 2025
0defb38
Make the score component take the full width of the treeview item
monsieurswag Jan 7, 2025
d07e9cd
feat: add back to audit button in table mode
Mohamed-Hacene Jan 7, 2025
fa59dbf
chore: format
Mohamed-Hacene Jan 7, 2025
e1d9807
Include search params in edit next URL when coming from list (#1318)
Mohamed-Hacene Jan 7, 2025
f64220c
Merge branch 'main' into hotfix/framework-detail-page-title
nas-tabchiche Jan 7, 2025
1ac048e
Fix severity and likelihood display when no hexcolor is defined in Ri…
Mohamed-Hacene Jan 7, 2025
d67956b
Add score in table mode (#1317)
Mohamed-Hacene Jan 7, 2025
d590179
Set framework page title to framework name (#1323)
Mohamed-Hacene Jan 7, 2025
3077d1a
Use node LTS in CI (#1338)
nas-tabchiche Jan 8, 2025
6ec88c7
Fallback to 0 on security objective value retrieval (#1331)
nas-tabchiche Jan 8, 2025
ec8b5d0
Update cs.json (#1325)
rzivny Jan 8, 2025
1d69b53
Apply filters on catalog import for matrices and mapping (#1335)
ab-smith Jan 8, 2025
3eea302
Added French translation of OWASP ASVS 4.0.3 (#1327)
h-4-t Jan 8, 2025
8652818
Format backend code base and pin ruff's version to 0.9.0 in CI (#1346)
ab-smith Jan 9, 2025
d13fe25
Hotfix: inlang build (#1347)
nas-tabchiche Jan 10, 2025
f94facf
The value 4 should not be allowed in the security_objectives_display …
gbyx3 Jan 10, 2025
a2602dc
Align left table mode answers (#1348)
Mohamed-Hacene Jan 10, 2025
20be244
Periodic upgrades (#1312)
ab-smith Jan 10, 2025
9753e73
Fix observation and score copying during the mapping process (#1298)
monsieurswag Jan 10, 2025
94da01b
Sort remediation plan scenarios by ref id (#1350)
nas-tabchiche Jan 10, 2025
b13b6e1
Add date of publication to a library (#1273)
monsieurswag Jan 10, 2025
5ce9b0d
SOC2 v2017 with rev.2022 and Spanish translation (#1328)
thidalgosalvador Jan 10, 2025
ff4a69a
chore: remove useless migrate done by startup.sh (#1349)
Mohamed-Hacene Jan 10, 2025
18491e1
DORA CZ (#1345)
rzivny Jan 11, 2025
9b9c349
Fix Czech translations (#1351)
eric-intuitem Jan 11, 2025
6db2bb5
Clean CRA (#1336)
eric-intuitem Jan 11, 2025
3b8709c
soc2 rev 2022 as a separate library (#1352)
ab-smith Jan 11, 2025
e2cb70b
change title for SOC2 2017 revision 2022 (#1353)
eric-intuitem Jan 11, 2025
810b92a
Cap asset security objective max value to 3 (#1344)
nas-tabchiche Jan 11, 2025
d9cbf97
Specify database dump format (#1354)
nas-tabchiche Jan 13, 2025
4a9cf29
Add documentation score (#1339)
monsieurswag Jan 13, 2025
4580897
fix: lang choice persistence and menu flicker (#1359)
ab-smith Jan 14, 2025
29fa344
typos (#1363)
eric-intuitem Jan 16, 2025
7a0f8f6
hotfix: add domain column in evidences table for filtering (#1366)
Mohamed-Hacene Jan 16, 2025
780a765
Update backend (#1367)
ab-smith Jan 16, 2025
9b74963
Remove Business Value field from Assets to avoid confusion with descr…
ab-smith Jan 16, 2025
79c4ea1
fix labels translation on dashboard's stackedbar (#1369)
ab-smith Jan 17, 2025
eba051b
fix broken pdf when exporting risk analysis and the associated action…
ab-smith Jan 17, 2025
959f097
Update django version (#1374)
ab-smith Jan 17, 2025
c140e1f
Fix broken link for existing controls on Risk assessment (#1373)
ab-smith Jan 17, 2025
5353ebc
export/import domain capabilities (#1376)
eric-intuitem Jan 18, 2025
ad577ad
Guided tour: first iteration (#1333)
ab-smith Jan 18, 2025
72ccfec
ENS version with evaluable reinforcements in each security measure (#…
thidalgosalvador Jan 18, 2025
6c62550
Update Esquema Nacional de Seguridad (ENS) (#1378)
eric-intuitem Jan 19, 2025
3dc15d9
ANSSI : Recommandations pour les arch SI sensibles ou DR (#1381)
ab-smith Jan 20, 2025
0e7df2a
Add is_third_party column in user list (#1386)
melinoix Jan 20, 2025
3dc50a1
Translate CCB in French and define score definition for documentation…
eric-intuitem Jan 20, 2025
4a0463e
Update README.md
ab-smith Jan 20, 2025
9380fa7
Base for word report i18n and split completion from maturity (#1385)
ab-smith Jan 20, 2025
25269f7
Update .pre-commit-config.yaml
ab-smith Jan 20, 2025
eb2c294
build: new production ready helm chart (#1224)
Nathanael-Mtd Jan 22, 2025
cf49b40
feat(lang): add credentials warning when importing a backup (#1387)
melinoix Jan 22, 2025
59a651b
fix: deactivate score after scoring for not applicable requirement as…
melinoix Jan 22, 2025
5d0a017
feat: add cyclic check on parent_folder (#1388)
Mohamed-Hacene Jan 22, 2025
2e33291
fix: clean client warnings on audit pages (#1399)
Mohamed-Hacene Jan 22, 2025
4f87b0d
docs: convential commits spec (#1405)
ab-smith Jan 22, 2025
b9b60ec
feat: display a count of "updatable" loaded libraries and allow their…
Mohamed-Hacene Jan 22, 2025
2f1badb
feat: add csv export for assets (#1392)
ab-smith Jan 22, 2025
7acf337
fix: improve ebios radar for colliding points (#1403)
ab-smith Jan 22, 2025
57177b7
feat(lib): mitre d3fend (#1394)
eric-intuitem Jan 23, 2025
604b405
fix: audit progress takes into account selected implementation groups…
nas-tabchiche Jan 23, 2025
2b78b69
fix: eager set cast of possibly None implementation_groups field (#1410)
nas-tabchiche Jan 23, 2025
4e1e6bf
Matplotlib experiment (#1412)
ab-smith Jan 23, 2025
dfe1d58
matplotlib experiment (#1413)
ab-smith Jan 23, 2025
6990f18
matplotlib experiment2 (#1414)
ab-smith Jan 23, 2025
14454ae
build dependencies
ab-smith Jan 23, 2025
fe8dc70
remove explicit arm64/v8 and let it be infered
ab-smith Jan 23, 2025
c01d2e9
feat(ui): Add matrix reference in ebios RM study (#1411)
Axxiar Jan 24, 2025
6b0fb66
feat: show guided tour on first connection (#1404)
nas-tabchiche Jan 24, 2025
3504e24
fix: proper association of newly created foreign object inside an upd…
nas-tabchiche Jan 24, 2025
362f633
docs: domain import/export specification (#1361)
eric-intuitem Jan 24, 2025
7f732ac
feat: allow automatic loading of required libraries when performing a…
Mohamed-Hacene Jan 24, 2025
c681577
build: switch backend base image to slim - part 1 (#1416)
ab-smith Jan 24, 2025
1b42c1e
feat: parametric ebios rm radar (#1379)
ab-smith Jan 24, 2025
834dcad
ci: switch dummy builder to arm runner (#1419)
ab-smith Jan 24, 2025
f5bb029
Update EE backend dockerfile (#1420)
ab-smith Jan 24, 2025
0babd1b
feat(ui): aggregate risk scenarios in risk matrix to avoid bloating (…
Axxiar Jan 24, 2025
5016c7b
feat(ui): guided tour styling for better readibility (#1423)
ab-smith Jan 25, 2025
b8713c9
fix: risk acceptance permission overrides (#1417)
nas-tabchiche Jan 26, 2025
1ec5a30
perf: multiple optimizations for gunicorn and expose pg's CONN_MAX_AG…
ab-smith Jan 26, 2025
9383b2f
docs: update convential commits spec (#1425)
ab-smith Jan 26, 2025
adcb8d3
fix: manage word export when IG name is a number (#1426)
eric-intuitem Jan 26, 2025
60f7e9c
fix: project creation inside domain detail (#1427)
nas-tabchiche Jan 27, 2025
20b2c96
docs: document PUBLIC_API_EXPOSED_URL (#1429)
eric-intuitem Jan 27, 2025
8e2fd1f
fix: autocomplete arraysEqual leading to loops (#1433)
nas-tabchiche Jan 27, 2025
4d4670a
feat: task runner enabler with huey (#1422)
ab-smith Jan 27, 2025
ee4e812
feat(ui): small optimizations of library presentation headers (#1430)
krismas Jan 27, 2025
1130357
refactor: fixup for code formatting (#1435)
ab-smith Jan 27, 2025
5af0a26
feat: extra settings to enable mail notifications and matrix aggregat…
ab-smith Jan 27, 2025
e2e4b9c
fix: enforce permissions for domain import (#1400)
nas-tabchiche Jan 28, 2025
9dd846b
perf: improve audit creation time with bulk mode (#1437)
ab-smith Jan 28, 2025
625e07b
feat(lib): add library for BSI elementary threats (german and english…
Patrick-PDV Jan 28, 2025
10c950f
perf: improve query for threats radar (#1441)
ab-smith Jan 28, 2025
bb7c019
refactor!: move compliance overview to a dedicated recap page (#1444)
ab-smith Jan 28, 2025
73570ee
feat: add a filter on current and residual risk levels on risk scenar…
Axxiar Jan 28, 2025
4a867cf
feat: expose extra env variables for more flexible infra tuning (#1445)
ab-smith Jan 28, 2025
f02055e
feat: progressive loading of Analytics page (#1447)
ab-smith Jan 28, 2025
5333e14
fix: align ee settings to include huey (#1448)
ab-smith Jan 29, 2025
e752c7d
Update README.md
ab-smith Jan 30, 2025
d37a5c1
feat: improve domain import error handling (#1432)
Mohamed-Hacene Jan 30, 2025
b3c334d
feat: add a progress field on applied controls (#1443)
melinoix Jan 30, 2025
8f8edf1
fix: diffentiate cell's tooltips using matrixName (#1453)
Axxiar Jan 30, 2025
64d591a
Increase limit_request_line param for gunicorn for SSO. (#1454)
AisukoHakumei Jan 30, 2025
255af83
Update README.md
ab-smith Jan 30, 2025
cb71785
fix: suggest applied controls on audit creation (#1458)
nas-tabchiche Jan 31, 2025
9933fdc
fix: regression on implementation group selection (#1457)
nas-tabchiche Jan 31, 2025
3b77b6b
fix: form consistency for stakeholder as a mandatory field (#1451)
melinoix Jan 31, 2025
1db9a4a
Ajout du référentiel Loi 05-20 (Maroc)
Qnadia Nov 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
The diff you're trying to view is too large. We only load the first 3000 changed files.
4 changes: 3 additions & 1 deletion .dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
*.pyc
*.DS_Store
*~$*
**/*.mo
.git*
.pytest*
.idea*
venv/
env/
**/node_modules/
16 changes: 16 additions & 0 deletions .eslintrc.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"rules": {
"@typescript-eslint/no-unused-vars": [
"error",
{
"args": "all",
"argsIgnorePattern": "^_",
"caughtErrors": "all",
"caughtErrorsIgnorePattern": "^_",
"destructuredArrayIgnorePattern": "^_",
"varsIgnorePattern": "^_",
"ignoreRestSiblings": true
}
]
}
}
23 changes: 23 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_request.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
---
name: Feature Request
about: Suggestions for new features and improvements
title: ""
labels: "question"
assignees: ""
---

**Problem statement**
I want to be able to do X, but the current implementation only allows for Y.

**Expected behavior**

1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error

**Mock**
If applicable, add screenshots to help explain the expectation.

**Additional context**
Add any other context about the problem here.
72 changes: 72 additions & 0 deletions .github/workflows/backend-api-tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
name: API Tests

on:
pull_request:
branches: [main, develop]
types: [opened, synchronize]
paths:
- "backend/**"
- ".github/workflows/backend-api-tests.yml"
workflow_dispatch:
Comment on lines +3 to +10
Copy link
Contributor

@coderabbitai coderabbitai bot Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Fix workflow trigger configuration.

The workflow_dispatch key should be at the same indentation level as pull_request, not nested within it.

Apply this diff to fix the structure:

 on:
   pull_request:
     branches: [main, develop]
     types: [opened, synchronize]
     paths:
       - "backend/**"
       - ".github/workflows/backend-api-tests.yml"
+  workflow_dispatch:
-    workflow_dispatch:
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
on:
pull_request:
branches: [main, develop]
types: [opened, synchronize]
paths:
- "backend/**"
- ".github/workflows/backend-api-tests.yml"
workflow_dispatch:
on:
pull_request:
branches: [main, develop]
types: [opened, synchronize]
paths:
- "backend/**"
- ".github/workflows/backend-api-tests.yml"
workflow_dispatch:
🧰 Tools
🪛 actionlint (1.7.8)

10-10: unexpected key "workflow_dispatch" for "pull_request" section. expected one of "branches", "branches-ignore", "paths", "paths-ignore", "tags", "tags-ignore", "types", "workflows"

(syntax-check)

🤖 Prompt for AI Agents 
In .github/workflows/backend-api-tests.yml around lines 3 to 10, the
workflow_dispatch key is incorrectly nested under pull_request; move
workflow_dispatch out to the same indentation level as pull_request (i.e., under
on:) so both pull_request and workflow_dispatch are siblings, ensuring the file
triggers on pull_request events and manual dispatch.


env:
GITHUB_WORKFLOW: github_actions
PYTHON_VERSION: "3.12"
UBUNTU_VERSION: "ubuntu-24.04"

jobs:
test:
runs-on: ubuntu-24.04
env:
backend-directory: ./backend

strategy:
max-parallel: 4
matrix:
python-version: ["3.12"]

steps:
- uses: actions/checkout@v3
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v4
Comment on lines +29 to +31
Copy link
Contributor

@coderabbitai coderabbitai bot Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion | 🟠 Major

Update GitHub Actions to latest versions.

The checkout and setup-python actions are using outdated versions that may not run correctly on current GitHub Actions runners.

Apply this diff to update to current versions:

-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Set up python ${{ matrix.python-version }}
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: ${{ matrix.python-version }}
           cache: "pip"
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- uses: actions/checkout@v3
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v4
- uses: actions/checkout@v4
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
🧰 Tools
🪛 actionlint (1.7.8)

29-29: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

31-31: the runner of "actions/setup-python@v4" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents 
In .github/workflows/backend-api-tests.yml around lines 29 to 31, update the
GitHub Actions to their current major releases: change uses: actions/checkout@v3
to uses: actions/checkout@v4 and ensure uses: actions/setup-python@v4 (or the
latest setup-python stable tag) is used; save the file and run the workflow
linter / a test run to confirm no breakage.

with:
python-version: ${{ matrix.python-version }}
cache: "pip"
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: false
installer-parallel: true
- name: Install backend requirements
working-directory: ${{ env.backend-directory }}
run: poetry install
- name: Create environment variables file
working-directory: ${{env.backend-directory}}
run: |
touch .env
echo DJANGO_DEBUG='True' >> .env
echo DB_HOST=localhost >> .env
echo EMAIL_HOST=localhost >> .env
echo EMAIL_PORT=1025 >> .env
echo EMAIL_HOST_USER='' >> .env
echo EMAIL_HOST_PASSWORD='' >> .env
#echo EMAIL_USE_TLS=False >> .env
echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
echo CISO_ASSISTANT_URL=http://127.0.0.1:5173 >> .env
- name: Run migrations
working-directory: ${{env.backend-directory}}
run: |
export $(grep -v '^#' .env | xargs)
poetry run python manage.py migrate
- name: Run API tests
working-directory: ${{env.backend-directory}}
run: |
export $(grep -v '^#' .env | xargs)
poetry run pytest app_tests/api --html=pytest-report.html --self-contained-html
Comment on lines +57 to +66
Copy link
Contributor

@coderabbitai coderabbitai bot Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion | 🟠 Major

Quote command substitution to prevent word splitting.

The export $(grep ...) pattern should have the command substitution quoted to avoid potential word splitting issues.

Apply this diff:

       - name: Run migrations
         working-directory: ${{env.backend-directory}}
         run: |
-          export $(grep -v '^#' .env | xargs)
+          export "$(grep -v '^#' .env | xargs)"
           poetry run python manage.py migrate
       - name: Run API tests
         working-directory: ${{env.backend-directory}}
         run: |
-          export $(grep -v '^#' .env | xargs)
+          export "$(grep -v '^#' .env | xargs)"
           poetry run pytest app_tests/api --html=pytest-report.html --self-contained-html

Alternatively, consider using set -a; source .env; set +a for a more robust approach to loading environment variables.

Committable suggestion skipped: line range outside the PR's diff.

🧰 Tools
🪛 actionlint (1.7.8)

59-59: shellcheck reported issue in this script: SC2046:warning:1:8: Quote this to prevent word splitting

(shellcheck)

64-64: shellcheck reported issue in this script: SC2046:warning:1:8: Quote this to prevent word splitting

(shellcheck)

🤖 Prompt for AI Agents 
In .github/workflows/backend-api-tests.yml around lines 57 to 66, the workflow
uses unquoted command substitution export $(grep -v '^#' .env | xargs) which can
suffer word-splitting; fix by quoting the substitution like export "$(grep -v
'^#' .env | xargs)" to preserve spaces, or replace the approach with a more
robust loader: use set -a; source .env; set +a (or a dedicated env-file action)
in both the "Run migrations" and "Run API tests" steps so environment variables
are loaded safely.

- uses: actions/upload-artifact@v4
if: always()
with:
name: api-tests-report
path: ${{ env.backend-directory }}/pytest-report.html
retention-days: 5
84 changes: 84 additions & 0 deletions .github/workflows/backend-coverage.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
name: Backend code coverage

on:
pull_request:
branches: ["main"]
paths:
- "backend/**"

env:
GITHUB_WORKFLOW: github_actions
POSTGRES_VERSION: "16"
UBUNTU_VERSION: "ubuntu-24.04"
PYTHON_VERSION: "3.12"

jobs:
build:
runs-on: ubuntu-24.04
env:
backend-directory: ./backend

services:
postgres:
image: postgres:16
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres # test credential
POSTGRES_DB: postgres
ports: ["5432:5432"]
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5

strategy:
max-parallel: 4
matrix:
python-version: ["3.12"]

steps:
- uses: actions/checkout@v3
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: false
installer-parallel: true
- name: Install backend requirements
working-directory: ${{ env.backend-directory }}
run: poetry install
- name: Create environment variables file
working-directory: ${{env.backend-directory}}
run: |
touch .env
echo DJANGO_DEBUG='True' >> .env
echo POSTGRES_NAME=postgres >> .env
echo POSTGRES_USER=postgres >> .env
echo POSTGRES_PASSWORD=postgres >> .env
echo DB_HOST=localhost >> .env
echo EMAIL_HOST=localhost >> .env
echo EMAIL_PORT=1025 >> .env
echo EMAIL_HOST_USER='' >> .env
echo EMAIL_HOST_PASSWORD='' >> .env
#echo EMAIL_USE_TLS=False >> .env
echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
echo CISO_ASSISTANT_URL=http://127.0.0.1:5173 >> .env
- name: Run migrations
working-directory: ${{env.backend-directory}}
run: |
export $(grep -v '^#' .env | xargs)
poetry run python manage.py migrate
- name: Run coverage
working-directory: ${{env.backend-directory}}
env:
Comment on lines +18 to +75
Copy link
Contributor

@coderabbitai coderabbitai bot Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Fix env context key to avoid expression errors

${{ env.backend-directory }} is parsed as env.backend - directory, so steps fail to resolve the working directory. Rename the variable with underscores (and update references) so the workflow evaluates. citeturn1static_analysis_hints0

Apply this diff:

-    env:
-      backend-directory: ./backend
+    env:
+      BACKEND_DIRECTORY: ./backend
@@
-      - name: Install backend requirements
-        working-directory: ${{ env.backend-directory }}
+      - name: Install backend requirements
+        working-directory: ${{ env.BACKEND_DIRECTORY }}
@@
-      - name: Create environment variables file
-        working-directory: ${{env.backend-directory}}
+      - name: Create environment variables file
+        working-directory: ${{ env.BACKEND_DIRECTORY }}
@@
-      - name: Run migrations
-        working-directory: ${{env.backend-directory}}
+      - name: Run migrations
+        working-directory: ${{ env.BACKEND_DIRECTORY }}
@@
-      - name: Run coverage
-        working-directory: ${{env.backend-directory}}
+      - name: Run coverage
+        working-directory: ${{ env.BACKEND_DIRECTORY }}
@@
-      - name: Display coverage report
-        working-directory: ${{env.backend-directory}}
+      - name: Display coverage report
+        working-directory: ${{ env.BACKEND_DIRECTORY }}

Committable suggestion skipped: line range outside the PR's diff.

🧰 Tools
🪛 actionlint (1.7.8)

37-37: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

39-39: the runner of "actions/setup-python@v4" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

53-53: shellcheck reported issue in this script: SC2129:style:2:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects

(shellcheck)

70-70: shellcheck reported issue in this script: SC2046:warning:1:8: Quote this to prevent word splitting

(shellcheck)

🤖 Prompt for AI Agents 
In .github/workflows/backend-coverage.yaml around lines 18 to 75 the env key
backend-directory uses a hyphen which GitHub Actions parses as an expression
(env.backend - directory) causing working-directory lookups to fail; rename the
variable to backend_directory in the env section and update every reference
(e.g. replace all occurrences of ${{ env.backend-directory }} with ${{
env.backend_directory }} and any other places that reference the old name) so
the workflow resolves the path correctly.

DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres"
run: |
export $(grep -v '^#' .env | xargs)
find . -path '*/tests/*' -and -name 'test*.py' -and -not -path "./venv/*" | xargs coverage run -m pytest
Comment on lines +77 to +79
Copy link
Contributor

@coderabbitai coderabbitai bot Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Ensure pytest actually runs (and only once)

The find ... -path '*/tests/*' filter skips your real suites (e.g., backend/app_tests), so xargs never runs pytest. Even if it matched, the command would invoke coverage run per file, overwriting .coverage each time. Replace it with a single coverage run -m pytest invocation. citeturn1static_analysis_hints0

Apply this diff:

-          find . -path '*/tests/*' -and -name 'test*.py' -and -not -path "./venv/*" | xargs coverage run -m pytest
+          poetry run coverage run -m pytest
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
run: |
export $(grep -v '^#' .env | xargs)
find . -path '*/tests/*' -and -name 'test*.py' -and -not -path "./venv/*" | xargs coverage run -m pytest
run: |
export $(grep -v '^#' .env | xargs)
poetry run coverage run -m pytest
🧰 Tools
🪛 actionlint (1.7.8)

77-77: shellcheck reported issue in this script: SC2046:warning:1:8: Quote this to prevent word splitting

(shellcheck)

77-77: shellcheck reported issue in this script: SC2038:warning:2:1: Use 'find .. -print0 | xargs -0 ..' or 'find .. -exec .. +' to allow non-alphanumeric filenames

(shellcheck)

🤖 Prompt for AI Agents 
.github/workflows/backend-coverage.yaml around lines 77 to 79: the current
command uses find with a path filter that omits real test dirs and pipes
filenames to xargs, which would call coverage run per file (overwriting
.coverage) and likely never runs pytest; change it to a single invocation of
coverage run -m pytest (optionally with a tests path or -k pattern if you need
to limit scope) so pytest is executed exactly once under coverage; remove the
find | xargs pipeline and ensure environment variables are still exported before
the single coverage command.

- name: Display coverage report
working-directory: ${{env.backend-directory}}
env:
DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres"
run: coverage report
Comment on lines +76 to +84
Copy link
Contributor

@coderabbitai coderabbitai bot Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Quote the service port key

job.services.postgres.ports[5432] is invalid because the port map keys are strings; actionlint already flags this and the job fails. Use the quoted key instead. citeturn1static_analysis_hints0

Apply this diff:

-          DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres"
+          DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports['5432'] }}/postgres"
@@
-          DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres"
+          DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports['5432'] }}/postgres"
🧰 Tools
🪛 actionlint (1.7.8)

76-76: property access of object must be type of string but got "number"

(expression)

77-77: shellcheck reported issue in this script: SC2046:warning:1:8: Quote this to prevent word splitting

(shellcheck)

77-77: shellcheck reported issue in this script: SC2038:warning:2:1: Use 'find .. -print0 | xargs -0 ..' or 'find .. -exec .. +' to allow non-alphanumeric filenames

(shellcheck)

83-83: property access of object must be type of string but got "number"

(expression)

🪛 Checkov (3.2.334)

[medium] 76-77: Basic Auth Credentials

(CKV_SECRET_4)

🤖 Prompt for AI Agents 
In .github/workflows/backend-coverage.yaml around lines 76 to 84, the workflow
references job.services.postgres.ports[5432] using an unquoted numeric key which
is invalid; update the references to use the string key form
job.services.postgres.ports['5432'] (or job.services.postgres.ports."5432"
depending on YAML parser) wherever the port is accessed (both DATABASE_URL
lines) so actionlint and the workflow can resolve the port mapping correctly.

41 changes: 41 additions & 0 deletions .github/workflows/backend-linters.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
name: Backend Linters

on:
pull_request:
paths:
- "backend/**"

env:
GITHUB_WORKFLOW: github_actions
PYTHON_VERSION: "3.12"
UBUNTU_VERSION: "ubuntu-24.04"

jobs:
ruff:
runs-on: ubuntu-24.04
env:
working-directory: ./backend

strategy:
max-parallel: 4
matrix:
python-version: ["3.12"]

steps:
- uses: actions/checkout@v4
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
Comment on lines +27 to +30
Copy link
Contributor

@coderabbitai coderabbitai bot Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Update actions/setup-python to v5.

The actions/setup-python@v4 action is outdated and may not run properly on current GitHub Actions runners.

Apply this diff:

-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
🧰 Tools
🪛 actionlint (1.7.8)

27-27: the runner of "actions/setup-python@v4" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents 
.github/workflows/backend-linters.yaml lines 27-30: update the GitHub Action
reference from actions/setup-python@v4 to actions/setup-python@v5; replace the
uses: value accordingly (no other behavioral changes required), then test the
workflow to ensure the new action version works with the existing python-version
matrix and pip cache settings.

- name: Install ruff
working-directory: ${{env.working-directory}}
run: |
python -m pip install ruff==0.9.2
- name: Run ruff format check
working-directory: ${{env.working-directory}}
run: ruff format --check .
# NOTE: The following will be uncommented once the codebase is cleaned up
# - name: ruff
# working-directory: ${{env.working-directory}}
# run: ruff check .
110 changes: 110 additions & 0 deletions .github/workflows/backend-migrations-check.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
name: Backend migrations check

on:
pull_request:
branches: [main, develop]
types: [opened, synchronize]
workflow_dispatch:

env:
GITHUB_WORKFLOW: github_actions
backend-directory: ./backend
enterprise-backend-directory: ./enterprise/backend
enterprise-backend-settings-module: enterprise_core.settings
UBUNTU_VERSION: "ubuntu-24.04"
PYTHON_VERSION: "3.12"

jobs:
migrations-check:
runs-on: ubuntu-24.04

strategy:
max-parallel: 4
matrix:
python-version: ["3.12"]

steps:
- uses: actions/checkout@v4
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: false
installer-parallel: true
- name: Install backend requirements
working-directory: ${{ env.backend-directory }}
run: poetry install
- name: Create backend environment variables file
working-directory: ${{ env.backend-directory }}
run: |
touch .env
echo DJANGO_DEBUG=True >> .env
echo [email protected] >> .env
echo DJANGO_SUPERUSER_PASSWORD=1234 >> .env
echo DB_HOST=localhost >> .env
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
echo CISO_ASSISTANT_URL=http://localhost:4173 >> .env
echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
echo EMAIL_HOST=localhost >> .env
echo [email protected] >> .env
echo EMAIL_HOST_PASSWORD=password >> .env
echo EMAIL_PORT=1025 >> .env
- name: Check that migrations were made
working-directory: ${{ env.backend-directory }}
run: |
export $(grep -v '^#' .env | xargs)
poetry run python manage.py makemigrations --check --dry-run --verbosity=3

enterprise-migrations-check:
runs-on: ubuntu-24.04

strategy:
max-parallel: 4
matrix:
python-version: ["3.12"]

steps:
- uses: actions/checkout@v4
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: false
installer-parallel: true
- name: Install backend requirements
working-directory: ${{ env.backend-directory }}
run: poetry install
- name: Install enterprise backend
working-directory: ${{ env.enterprise-backend-directory }}
run: poetry install
- name: Create backend environment variables file
working-directory: ${{ env.backend-directory }}
run: |
touch .env
echo DJANGO_DEBUG=True >> .env
echo [email protected] >> .env
echo DJANGO_SUPERUSER_PASSWORD=1234 >> .env
echo DB_HOST=localhost >> .env
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
echo CISO_ASSISTANT_URL=http://localhost:4173 >> .env
echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
echo EMAIL_HOST=localhost >> .env
echo [email protected] >> .env
echo EMAIL_HOST_PASSWORD=password >> .env
echo EMAIL_PORT=1025 >> .env
echo DJANGO_SETTINGS_MODULE=enterprise_core.settings >> .env
echo LICENSE_SEATS=999 >> .env
- name: Check that migrations were made
working-directory: ${{ env.backend-directory }}
run: |
export $(grep -v '^#' .env | xargs)
poetry run python manage.py makemigrations --check --dry-run --verbosity=3 --settings=${{ env.enterprise-backend-settings-module }}
Comment on lines +9 to +109
Copy link
Contributor

@coderabbitai coderabbitai bot Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Normalize env keys so expressions work

Hyphenated env keys (env.backend-directory, env.enterprise-backend-directory, etc.) are parsed as subtraction in expressions, so every ${{ env.backend-directory }}/${{ env.enterprise-backend-settings-module }} access fails. Rename the variables with underscores and update each reference. citeturn2static_analysis_hints0

Apply this diff:

   env:
     GITHUB_WORKFLOW: github_actions
-    backend-directory: ./backend
-    enterprise-backend-directory: ./enterprise/backend
-    enterprise-backend-settings-module: enterprise_core.settings
+    BACKEND_DIRECTORY: ./backend
+    ENTERPRISE_BACKEND_DIRECTORY: ./enterprise/backend
+    ENTERPRISE_BACKEND_SETTINGS_MODULE: enterprise_core.settings
@@
-      - name: Install backend requirements
-        working-directory: ${{ env.backend-directory }}
+      - name: Install backend requirements
+        working-directory: ${{ env.BACKEND_DIRECTORY }}
@@
-      - name: Create backend environment variables file
-        working-directory: ${{ env.backend-directory }}
+      - name: Create backend environment variables file
+        working-directory: ${{ env.BACKEND_DIRECTORY }}
@@
-        working-directory: ${{ env.backend-directory }}
+        working-directory: ${{ env.BACKEND_DIRECTORY }}
@@
-      - name: Install backend requirements
-        working-directory: ${{ env.backend-directory }}
+      - name: Install backend requirements
+        working-directory: ${{ env.BACKEND_DIRECTORY }}
@@
-      - name: Install enterprise backend
-        working-directory: ${{ env.enterprise-backend-directory }}
+      - name: Install enterprise backend
+        working-directory: ${{ env.ENTERPRISE_BACKEND_DIRECTORY }}
@@
-      - name: Create backend environment variables file
-        working-directory: ${{ env.backend-directory }}
+      - name: Create backend environment variables file
+        working-directory: ${{ env.BACKEND_DIRECTORY }}
@@
-        working-directory: ${{ env.backend-directory }}
+        working-directory: ${{ env.BACKEND_DIRECTORY }}
@@
-          poetry run python manage.py makemigrations --check --dry-run --verbosity=3 --settings=${{ env.enterprise-backend-settings-module }}
+          poetry run python manage.py makemigrations --check --dry-run --verbosity=3 --settings=${{ env.ENTERPRISE_BACKEND_SETTINGS_MODULE }}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
env:
GITHUB_WORKFLOW: github_actions
backend-directory: ./backend
enterprise-backend-directory: ./enterprise/backend
enterprise-backend-settings-module: enterprise_core.settings
UBUNTU_VERSION: "ubuntu-24.04"
PYTHON_VERSION: "3.12"
jobs:
migrations-check:
runs-on: ubuntu-24.04
strategy:
max-parallel: 4
matrix:
python-version: ["3.12"]
steps:
- uses: actions/checkout@v4
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: false
installer-parallel: true
- name: Install backend requirements
working-directory: ${{ env.backend-directory }}
run: poetry install
- name: Create backend environment variables file
working-directory: ${{ env.backend-directory }}
run: |
touch .env
echo DJANGO_DEBUG=True >> .env
echo [email protected] >> .env
echo DJANGO_SUPERUSER_PASSWORD=1234 >> .env
echo DB_HOST=localhost >> .env
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
echo CISO_ASSISTANT_URL=http://localhost:4173 >> .env
echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
echo EMAIL_HOST=localhost >> .env
echo [email protected] >> .env
echo EMAIL_HOST_PASSWORD=password >> .env
echo EMAIL_PORT=1025 >> .env
- name: Check that migrations were made
working-directory: ${{ env.backend-directory }}
run: |
export $(grep -v '^#' .env | xargs)
poetry run python manage.py makemigrations --check --dry-run --verbosity=3
enterprise-migrations-check:
runs-on: ubuntu-24.04
strategy:
max-parallel: 4
matrix:
python-version: ["3.12"]
steps:
- uses: actions/checkout@v4
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: false
installer-parallel: true
- name: Install backend requirements
working-directory: ${{ env.backend-directory }}
run: poetry install
- name: Install enterprise backend
working-directory: ${{ env.enterprise-backend-directory }}
run: poetry install
- name: Create backend environment variables file
working-directory: ${{ env.backend-directory }}
run: |
touch .env
echo DJANGO_DEBUG=True >> .env
echo [email protected] >> .env
echo DJANGO_SUPERUSER_PASSWORD=1234 >> .env
echo DB_HOST=localhost >> .env
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
echo CISO_ASSISTANT_URL=http://localhost:4173 >> .env
echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
echo EMAIL_HOST=localhost >> .env
echo [email protected] >> .env
echo EMAIL_HOST_PASSWORD=password >> .env
echo EMAIL_PORT=1025 >> .env
echo DJANGO_SETTINGS_MODULE=enterprise_core.settings >> .env
echo LICENSE_SEATS=999 >> .env
- name: Check that migrations were made
working-directory: ${{ env.backend-directory }}
run: |
export $(grep -v '^#' .env | xargs)
poetry run python manage.py makemigrations --check --dry-run --verbosity=3 --settings=${{ env.enterprise-backend-settings-module }}
env:
GITHUB_WORKFLOW: github_actions
BACKEND_DIRECTORY: ./backend
ENTERPRISE_BACKEND_DIRECTORY: ./enterprise/backend
ENTERPRISE_BACKEND_SETTINGS_MODULE: enterprise_core.settings
UBUNTU_VERSION: "ubuntu-24.04"
PYTHON_VERSION: "3.12"
jobs:
migrations-check:
runs-on: ubuntu-24.04
strategy:
max-parallel: 4
matrix:
python-version: ["3.12"]
steps:
- uses: actions/checkout@v4
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: false
installer-parallel: true
- name: Install backend requirements
working-directory: ${{ env.BACKEND_DIRECTORY }}
run: poetry install
- name: Create backend environment variables file
working-directory: ${{ env.BACKEND_DIRECTORY }}
run: |
touch .env
echo DJANGO_DEBUG=True >> .env
echo [email protected] >> .env
echo DJANGO_SUPERUSER_PASSWORD=1234 >> .env
echo DB_HOST=localhost >> .env
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
echo CISO_ASSISTANT_URL=http://localhost:4173 >> .env
echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
echo EMAIL_HOST=localhost >> .env
echo [email protected] >> .env
echo EMAIL_HOST_PASSWORD=password >> .env
echo EMAIL_PORT=1025 >> .env
- name: Check that migrations were made
working-directory: ${{ env.BACKEND_DIRECTORY }}
run: |
export $(grep -v '^#' .env | xargs)
poetry run python manage.py makemigrations --check --dry-run --verbosity=3
enterprise-migrations-check:
runs-on: ubuntu-24.04
strategy:
max-parallel: 4
matrix:
python-version: ["3.12"]
steps:
- uses: actions/checkout@v4
- name: Set up python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
cache: "pip"
- name: Install Poetry
uses: snok/install-poetry@v1
with:
virtualenvs-create: false
installer-parallel: true
- name: Install backend requirements
working-directory: ${{ env.BACKEND_DIRECTORY }}
run: poetry install
- name: Install enterprise backend
working-directory: ${{ env.ENTERPRISE_BACKEND_DIRECTORY }}
run: poetry install
- name: Create backend environment variables file
working-directory: ${{ env.BACKEND_DIRECTORY }}
run: |
touch .env
echo DJANGO_DEBUG=True >> .env
echo [email protected] >> .env
echo DJANGO_SUPERUSER_PASSWORD=1234 >> .env
echo DB_HOST=localhost >> .env
echo CISO_ASSISTANT_SUPERUSER_EMAIL='' >> .env
echo CISO_ASSISTANT_URL=http://localhost:4173 >> .env
echo DEFAULT_FROM_EMAIL='[email protected]' >> .env
echo EMAIL_HOST=localhost >> .env
echo [email protected] >> .env
echo EMAIL_HOST_PASSWORD=password >> .env
echo EMAIL_PORT=1025 >> .env
echo DJANGO_SETTINGS_MODULE=enterprise_core.settings >> .env
echo LICENSE_SEATS=999 >> .env
- name: Check that migrations were made
working-directory: ${{ env.BACKEND_DIRECTORY }}
run: |
export $(grep -v '^#' .env | xargs)
poetry run python manage.py makemigrations --check --dry-run --verbosity=3 --settings=${{ env.ENTERPRISE_BACKEND_SETTINGS_MODULE }}
🧰 Tools
🪛 actionlint (1.7.8)

29-29: the runner of "actions/setup-python@v4" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

43-43: shellcheck reported issue in this script: SC2129:style:2:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects

(shellcheck)

58-58: shellcheck reported issue in this script: SC2046:warning:1:8: Quote this to prevent word splitting

(shellcheck)

90-90: shellcheck reported issue in this script: SC2129:style:2:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects

(shellcheck)

107-107: shellcheck reported issue in this script: SC2046:warning:1:8: Quote this to prevent word splitting

(shellcheck)

107-107: shellcheck reported issue in this script: SC2181:style:3:6: Check exit code directly with e.g. 'if ! mycmd;', not indirectly with $?

(shellcheck)

🤖 Prompt for AI Agents 
In .github/workflows/backend-migrations-check.yaml lines 9-109, hyphenated env
keys (backend-directory, enterprise-backend-directory,
enterprise-backend-settings-module) must be renamed to use underscores
(backend_directory, enterprise_backend_directory,
enterprise_backend_settings_module) because expressions treat hyphens as
subtraction; update the env: block to the new names and replace every occurrence
of ${ { env.backend-directory }}, ${ { env.enterprise-backend-directory }}, and
${ { env.enterprise-backend-settings-module }} throughout the file
(working-directory, with/echo lines, and the makemigrations command) to use ${ {
env.backend_directory }}, ${ { env.enterprise_backend_directory }}, and ${ {
env.enterprise_backend_settings_module }} respectively so all references resolve
correctly.

if [ $? -ne 0 ]; then echo "::error Migrations were not made, please run the makemigrations command." && exit 1; fi
Loading