chore: Run pre-commit

.github/workflows/docker-build-and-push.yml

@@ -36,14 +36,14 @@ jobs:
       run: |
         echo "VERSION=$(git describe --tags --always)" >> $GITHUB_ENV
         echo "BUILD=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
-        
+
         echo "CISO_ASSISTANT_VERSION=$(git describe --tags --always)" > .meta
         echo "CISO_ASSISTANT_BUILD=$(git rev-parse --short HEAD)" >> .meta
-        
+
         cp .meta ./backend/
         cp .meta ./backend/ciso_assistant/
-  
-  
+
+
     - name: Build and Push Backend Docker Image
       uses: docker/build-push-action@v5
       with:

.github/workflows/functional-tests.yml

@@ -28,7 +28,7 @@ jobs:
       mailhog:
         image: mailhog/mailhog
         ports: [
-          "1025:1025", 
+          "1025:1025",
           "8025:8025"
         ]
 

LICENSE

@@ -658,4 +658,4 @@ specific requirements.
   You should also get your employer (if you work as a programmer) or school,
 if any, to sign a "copyright disclaimer" for the program, if necessary.
 For more information on this, and how to apply and follow the GNU AGPL, see
-<https://www.gnu.org/licenses/>.
+<https://www.gnu.org/licenses/>.

README.md

@@ -107,7 +107,7 @@ Check out the online documentation on https://intuitem.gitbook.io/ciso-assistant
 <br/>
 
 > [!NOTE]
-> `*` These frameworks require an extra manual step of getting the latest Excel sheet through their website as their license prevent direct usage. 
+> `*` These frameworks require an extra manual step of getting the latest Excel sheet through their website as their license prevent direct usage.
 
 <br/>
 

SECURITY.md

@@ -10,4 +10,4 @@ We typically and primarily support the latest releases of our products for maint
 
 If you discover any issue regarding security, please disclose the information responsibly by sending an email to [email protected] and not by creating a GitHub issue. We'll get back to you ASAP and work with you to confirm and plan a fix for the issue.
 
-Please note that we do not currently offer a bug bounty program.
+Please note that we do not currently offer a bug bounty program.

backend/.dockerignore

@@ -6,4 +6,4 @@
 .pytest*
 .idea*
 .dockerignore
-Dockerfile
+Dockerfile

backend/.gitignore

@@ -17,4 +17,4 @@ db/django_secret_key
 db/pg_password.txt
 ./db/
 .coverage
-pytest-report.html
+pytest-report.html

backend/.meta

@@ -1,2 +1,2 @@
 CISO_ASSISTANT_VERSION=dev
-CISO_ASSISTANT_BUILD=dev
+CISO_ASSISTANT_BUILD=dev

backend/app_tests/test_file.txt

@@ -1 +1 @@
-This is a test file
+This is a test file

backend/ciso_assistant/.meta

@@ -1,2 +1,2 @@
 CISO_ASSISTANT_VERSION=dev
-CISO_ASSISTANT_BUILD=dev
+CISO_ASSISTANT_BUILD=dev

backend/ciso_assistant/scripts/generate_build_file.sh

@@ -37,4 +37,4 @@ main() {
 }"
 }
 
-main "$@"
+main "$@"

backend/core/templates/core/base_pdf.html

@@ -290,4 +290,4 @@
 
 {% block content %}{% endblock %}
 
-</body>
+</body>

backend/core/templates/core/mp_pdf.html

@@ -1,4 +1,4 @@
 {% extends 'core/base_pdf.html' %}
 {% block content %}
 {% include 'snippets/mp_data.html' %}
-{% endblock %}
+{% endblock %}

backend/core/templates/core/ra_pdf.html

@@ -1,4 +1,4 @@
 {% extends 'core/base_pdf.html' %}
 {% block content %}
 {% include 'snippets/ra_data.html' with pdf=True scenarios=context %}
-{% endblock %}
+{% endblock %}

backend/core/templates/registration/first_connexion_email.html

@@ -35,7 +35,7 @@ <h3>{% trans "Your all-in-one GRC Management Platform" %}</h3>
 </p>
 
 <p>
-<a href="{{ root_url }}/first-connexion?uidb64={{ uid }}&token={{ token }}" role="button" data-testid="set-password-btn"> {% trans "Set my password" %}</a> 
+<a href="{{ root_url }}/first-connexion?uidb64={{ uid }}&token={{ token }}" role="button" data-testid="set-password-btn"> {% trans "Set my password" %}</a>
 </p>
 
 <p>{% trans "An issue with the link? copy and paste the following in your browser" %}:</p>
@@ -68,4 +68,4 @@ <h3>{% trans "Your all-in-one GRC Management Platform" %}</h3>
 </body>
 {% endautoescape %}
 
-</html>
+</html>

backend/core/templates/registration/password_reset_email.html

@@ -64,4 +64,4 @@ <h3>{% trans "Your all-in-one GRC Management Platform" %}</h3>
 
 
 
-</html>
+</html>

backend/core/templates/snippets/mp_data.html

@@ -11,20 +11,20 @@
     <p class="p-2 m-2 text-lg font-semibold"> {% trans "Associated risk scenarios" %}: </p>
     <div class="bg-white p-2 m-2 shadow overflow-hidden rounded-lg flex">
         <table class="w-full p-2 mt-2">
-            <thead>    
+            <thead>
             </thead>
             <tbody>
             {% if not context %}
             <tr class="">
-                <td colspan="" class="p-4 m-2 text-xl text-center"><i class="fas fa-exclamation-circle"></i> 
+                <td colspan="" class="p-4 m-2 text-xl text-center"><i class="fas fa-exclamation-circle"></i>
                 {% trans "Risk risk_assessment seems to be empty. Measure Plan cannot be generated." %}
                 </td>
             </tr>
             {% endif %}
             {% for scenario in context %}
             <tr class="bg-gray-100">
                 <td class="text-lg p-3" colspan="9">
-                    <p class="text-indigo-500 hover:text-indigo-700">{{ scenario.rid }}: {{ scenario.name }}</p> 
+                    <p class="text-indigo-500 hover:text-indigo-700">{{ scenario.rid }}: {{ scenario.name }}</p>
                     <span class="text-xs text-center p-1 mx-1 rounded"
                     {% if scenario.treatment == 'open' %}
                     style="background-color: #fed7aa"
@@ -80,14 +80,14 @@
                 </td>
                 <td class="text-center"><span class="text-xs text-gray-900 whitespace-nowrap text-center p-1 mx-1 rounded
                     {% if appliedcontrol.status == 'open' %}
-                    bg-orange-200 
+                    bg-orange-200
                     {% elif appliedcontrol.status == 'in_progress' %}
-                    bg-blue-200 
+                    bg-blue-200
                     {% elif appliedcontrol.status == 'on_hold' %}
-                    bg-red-300 
+                    bg-red-300
                     {% else %}
-                    bg-green-200 
-                    {% endif %}">{{ appliedcontrol.get_status_display|lower }} 
+                    bg-green-200
+                    {% endif %}">{{ appliedcontrol.get_status_display|lower }}
                     </span></td>
             </tr>
             {% endfor %}
@@ -96,4 +96,4 @@
         </table>
     </div>
 
-</main>
+</main>

backend/core/templates/snippets/ra_data.html

@@ -17,7 +17,7 @@
                             {% endfor %}
                           </ul>
                         </li>
-                        <li class="pb-1"><span class="font-semibold">{% trans "Status:" %}</span> {% if risk_assessment.is_draft %} 
+                        <li class="pb-1"><span class="font-semibold">{% trans "Status:" %}</span> {% if risk_assessment.is_draft %}
                         <span class="bg-blue-200 py-1 px-2 rounded-lg">{% trans "Draft" %}</span> {% else %} <span class="bg-green-200 py-1 px-2 rounded-lg">{% trans "Ready" %} </span>{% endif %}
                         </li>
                         <li class="pb-1"><span class="font-semibold">{% trans "Created at:" %}</span> {{ risk_assessment.created_at|date }}</li>

backend/core/templates/snippets/risk_matrix.html

@@ -85,7 +85,7 @@
         <div class="text-black font-bold text-center mx-auto mt-4">
             {% trans "Impact" %}
         </div>
-    </div>   
+    </div>
     <div class="w-full flex flex-col justify-start">
         <h3 class="flex font-semibold p-2 m-2 text-md">{% trans "Risk levels" %}</h3>
         <div class="flex justify-start mx-2">

backend/library/libraries/owasp-top-10-web.yaml

@@ -47,7 +47,7 @@ objects:
         Insecure design is a broad category representing different weaknesses,
         expressed as missing or ineffective control design.
     - urn: urn:intuitem:risk:threat:A05
-      ref_id: A05 
+      ref_id: A05
       name: Security Misconfiguration
       description:
         "The application might be vulnerable if the application is: Missing

docker-compose-build.sh

@@ -19,7 +19,7 @@ else
     prepare_meta_file
 
     # Build and start the containers
-    docker compose -f docker-compose-build.yml build 
+    docker compose -f docker-compose-build.yml build
     docker compose -f docker-compose-build.yml up -d
 
     # Perform database migrations

documentation/architecture/data-model.md

@@ -41,7 +41,7 @@ erDiagram
     ROOT_FOLDER           ||--o{ ROLE                        : contains
     ROOT_FOLDER           ||--o{ ROLE_ASSIGNMENT             : contains
     ROOT_FOLDER_OR_DOMAIN ||--o{ EVIDENCE                    : contains
-    ROOT_FOLDER_OR_DOMAIN ||--o{ APPLIED_CONTROL             : contains  
+    ROOT_FOLDER_OR_DOMAIN ||--o{ APPLIED_CONTROL             : contains
     ROOT_FOLDER_OR_DOMAIN ||--o{ RISK_ACCEPTANCE             : contains
     ROOT_FOLDER_OR_DOMAIN ||--o{ ASSET                       : contains
     ROOT_FOLDER_OR_DOMAIN ||--o{ THREAT                      : contains
@@ -112,7 +112,7 @@ erDiagram
         int     min_score
         int     max_score
         json    score_definition
-    } 
+    }
 
     COMPLIANCE_ASSESSMENT {
         string      name
@@ -333,8 +333,8 @@ FolderMixin          <|-- UserGroup
 FolderMixin          <|-- User
 AbstractBaseModel    <|-- User
 AbstractBaseUser     <|-- User
-NameDescriptionMixin <|-- Role 
-FolderMixin          <|-- Role 
+NameDescriptionMixin <|-- Role
+FolderMixin          <|-- Role
 NameDescriptionMixin <|-- RoleAssignment
 FolderMixin          <|-- RoleAssignment
 
@@ -436,8 +436,8 @@ ReferentialObjectMixin <|-- RequirementLevel
 ReferentialObjectMixin <|-- RequirementNode
 ReferentialObjectMixin <|-- Mapping
 NameDescriptionMixin   <|-- Assessment
-FolderMixin            <|-- Project 
-NameDescriptionMixin   <|-- Project 
+FolderMixin            <|-- Project
+NameDescriptionMixin   <|-- Project
 FolderMixin            <|-- Asset
 NameDescriptionMixin   <|-- Asset
 FolderMixin            <|-- Evidence
@@ -566,7 +566,7 @@ namespace DomainObjects {
         +DateField expiry_date
         +CharField link
         +CharField effort
-        
+
         +RiskScenario[] risk_scenarios()
         +RiskAssessments[] risk_assessments()
         +Project[] projects()
@@ -609,7 +609,7 @@ class RiskAssessment {
     +get_scenario_count() int
     +quality_check()
     +risk_scoring(probability, impact, risk_matrix) int
-}    
+}
 
 
 class ComplianceAssessment {
@@ -645,7 +645,7 @@ class RiskScenario {
     +CharField treatment
     +CharField strength_of_knowledge
     +CharField justification
-    
+
     +Project parent_project()
     +RiskMatrix get_matrix()
     +get_current_risk(s) int
@@ -721,7 +721,7 @@ Threats are referential objects used to clarify the aim of a requirement node or
 Reference controls are templates for Applied controls. They facilitate the creation of a applied  control, and help to have consistent Applied controls. They are not mandatory to create a applied  control, but recommended.
 
 Reference controls have a category within the following possibilities: --/Policy/Process/Technical/Physical.
- 
+
 ## Applied controls
 
 Applied controls are fundamental objects for compliance and remediation. They can derive from a reference control, which provides better consistency, or be independent.
@@ -761,11 +761,11 @@ The state of a review can be: created/submitted/validated/changes requested/depr
 
 When a compliance assessment is created, each requirement of the corresponding framework is linked to a requirement assessment object. To cover a requirement, the assessor shall link it to Applied controls.
 
-Here are the specific fields for requirement assessments: 
+Here are the specific fields for requirement assessments:
 - status: --/to do/in progress/done.
 - result: --/compliant/non-compliant minor/non-compliant major/not applicable
 - score: --/<integer value from min_score to max_score>.
-- ETA (Estimated Time of Arrival) date 
+- ETA (Estimated Time of Arrival) date
 - due date. This is for example useful to organize an audit plan.
 
 The compliance assessment score is a read-only field which is calculated when at least one requirement assessment is scored. We calculate the average of scored requriement assessments (ignoring requirement assessments with an undefined score).
@@ -811,7 +811,7 @@ The risk evaluation is automatically done based on the selected risk matrix.
 
 ## Risk matrices
 
-Risk matrices are referential objects that are imported from a library. 
+Risk matrices are referential objects that are imported from a library.
 
 The definition JSON field has the following format:
 
@@ -835,7 +835,7 @@ The definition JSON field has the following format:
             {"abbreviation": "H", "name": "High", "description": "unacceptable risk", "hexcolor": "#FF0000"}
         ],
         "grid": [
-            [1, 2, 2], 
+            [1, 2, 2],
             [0, 1, 2],
             [0, 0, 1]]
   }
@@ -895,7 +895,7 @@ Referential objects can be downloaded from a library. They are called "global re
 
 Conversely, a referential object with a null URN is called a "local referential object" has the following characteristics:
 - it is created by a user in a given domain (not in the root folder)
-- it can be edited with proper permission. 
+- it can be edited with proper permission.
 - The URN cannot be edited and is hidden.
 - default_locale=True (non-localized object)
 
@@ -908,7 +908,7 @@ Framework and risk matrix objects can only come from a library.
 
 The URN allows in particular having a threat or reference control used in several frameworks.
 
-It is possible to mix global and local referential objects. For example, a client can use threats coming from the MITRE referential and also define custom threats directly in CISO Assistant. 
+It is possible to mix global and local referential objects. For example, a client can use threats coming from the MITRE referential and also define custom threats directly in CISO Assistant.
 
 Note: links to URN occur only in libraries, links in the database shall always use the UUID of the object.
 
@@ -995,4 +995,3 @@ Built-in objects are predefined in CISO Assistant. They can be viewed following
 Types that can be built-in are: folders, roles, role assignments and groups.
 
 Names of built-in objects can be internationalized.
-

frontend/project.inlang/project_id

@@ -1 +1 @@
-60a4f66cd6e3931731f3b9cda5ab2dbf6d9162025e72699c5708e0086a9c3a67
+60a4f66cd6e3931731f3b9cda5ab2dbf6d9162025e72699c5708e0086a9c3a67

frontend/src/lib/components/ModelTable/ModelTable.svelte

@@ -264,7 +264,7 @@
             <slot name="actions" meta={row.meta}>
             {#if row.meta[identifierField]}
               {@const actionsComponent = field_component_map['actions']}
-              <TableRowActions 
+              <TableRowActions
                 deleteForm={!row.meta.builtin ? deleteForm : undefined}
                 model={URL_MODEL_MAP[URLModel]}
                 {URLModel}

frontend/tests/Dockerfile

@@ -8,4 +8,4 @@ COPY ../package*.json .
 RUN npm ci
 RUN npx playwright install --with-deps
 COPY .. .
-EXPOSE 9323
+EXPOSE 9323

frontend/tests/utils/test_file.txt

@@ -1 +1 @@
-This is a test file
+This is a test file

git_hooks/post-commit

@@ -1,3 +1,3 @@
 #!/usr/bin/env bash
 
-exec ciso_assistant/scripts/generate_build_file.sh > ciso_assistant/build.json
+exec ciso_assistant/scripts/generate_build_file.sh > ciso_assistant/build.json

git_hooks/post-merge

@@ -1,3 +1,3 @@
 #!/usr/bin/env bash
 
-exec ciso_assistant/scripts/generate_build_file.sh > ciso_assistant/build.json
+exec ciso_assistant/scripts/generate_build_file.sh > ciso_assistant/build.json