Update dependencies

python/.cdktg.out/manifest.json

@@ -1,5 +1,5 @@
 {
-    "version": "0.0.18",
+    "version": "0.0.22",
     "models": {
         "Model Stub": {
             "name": "Model Stub",

python/.cdktg.out/models/ModelStub.yml

@@ -7,6 +7,8 @@ author:
   name: John Doe
   homepage: null
 management_summary_comment: null
+business_overview: null
+technical_overview: null
 business_criticality: important
 questions: {}
 abuse_cases: {}

python/dist/ModelStub/threagile.yaml

@@ -7,6 +7,8 @@ author:
   name: John Doe
   homepage: null
 management_summary_comment: null
+business_overview: null
+technical_overview: null
 business_criticality: important
 questions: {}
 abuse_cases: {}

python/package.json

@@ -8,6 +8,6 @@
     "model:analyse": "cdktg analyse"
   },
   "devDependencies": {
-    "cdktg": "^0.0.18"
+    "cdktg": "^0.0.22"
   }
 }

python/requirements.txt

@@ -1,2 +1,2 @@
 constructs>=10.0.0
-cdktg>=0.0.18
+cdktg>=0.0.22

typescript/.cdktg.out/manifest.json

@@ -1,5 +1,5 @@
 {
-    "version": "0.0.18",
+    "version": "0.0.22",
     "models": {
         "Model Stub": {
             "name": "Model Stub",

typescript/.cdktg.out/models/ModelStub.yml

@@ -7,6 +7,8 @@ author:
   name: John Doe
   homepage: null
 management_summary_comment: null
+business_overview: null
+technical_overview: null
 business_criticality: important
 questions: {}
 abuse_cases: {}

typescript/dist/ModelStub/risks.json

@@ -1 +1 @@
-[{"category":"unencrypted-asset","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eUnencrypted Technical Asset\u003c/b\u003e named \u003cb\u003eSome Other Technical Asset\u003c/b\u003e","synthetic_id":"unencrypted-asset@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-other-technical-asset"]},{"category":"unencrypted-asset","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eUnencrypted Technical Asset\u003c/b\u003e named \u003cb\u003eSome Technical Asset\u003c/b\u003e","synthetic_id":"unencrypted-asset@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset"]},{"category":"mixed-targets-on-shared-runtime","risk_status":"unchecked","severity":"low","exploitation_likelihood":"unlikely","exploitation_impact":"low","title":"\u003cb\u003eMixed Targets on Shared Runtime\u003c/b\u003e named \u003cb\u003eSome Shared Runtime\u003c/b\u003e might enable attackers moving from one less valuable target to a more valuable one","synthetic_id":"mixed-targets-on-shared-runtime@some-shared-runtime","most_relevant_data_asset":"","most_relevant_technical_asset":"","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"some-shared-runtime","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset","some-other-technical-asset"]},{"category":"missing-authentication","risk_status":"unchecked","severity":"elevated","exploitation_likelihood":"likely","exploitation_impact":"medium","title":"\u003cb\u003eMissing Authentication\u003c/b\u003e covering communication link \u003cb\u003eSome Traffic\u003c/b\u003e from \u003cb\u003eSome Technical Asset\u003c/b\u003e to \u003cb\u003eSome Other Technical Asset\u003c/b\u003e","synthetic_id":"missing-authentication@some-technical-asset\u003esome-traffic@some-technical-asset@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"some-technical-asset\u003esome-traffic","data_breach_probability":"possible","data_breach_technical_assets":["some-other-technical-asset"]},{"category":"server-side-request-forgery","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"likely","exploitation_impact":"low","title":"\u003cb\u003eServer-Side Request Forgery (SSRF)\u003c/b\u003e risk at \u003cb\u003eSome Technical Asset\u003c/b\u003e server-side web-requesting the target \u003cb\u003eSome Other Technical Asset\u003c/b\u003e via \u003cb\u003eSome Traffic\u003c/b\u003e","synthetic_id":"server-side-request-forgery@some-technical-asset@some-other-technical-asset@some-technical-asset\u003esome-traffic","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"some-technical-asset\u003esome-traffic","data_breach_probability":"possible","data_breach_technical_assets":["some-technical-asset"]},{"category":"missing-hardening","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"likely","exploitation_impact":"low","title":"\u003cb\u003eMissing Hardening\u003c/b\u003e risk at \u003cb\u003eSome Technical Asset\u003c/b\u003e","synthetic_id":"missing-hardening@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset"]},{"category":"missing-vault","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eMissing Vault (Secret Storage)\u003c/b\u003e in the threat model (referencing asset \u003cb\u003eSome Technical Asset\u003c/b\u003e as an example)","synthetic_id":"missing-vault@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":[]},{"category":"missing-waf","risk_status":"unchecked","severity":"low","exploitation_likelihood":"unlikely","exploitation_impact":"low","title":"\u003cb\u003eMissing Web Application Firewall (WAF)\u003c/b\u003e risk at \u003cb\u003eSome Other Technical Asset\u003c/b\u003e","synthetic_id":"missing-waf@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-other-technical-asset"]}]
+[{"category":"mixed-targets-on-shared-runtime","risk_status":"unchecked","severity":"low","exploitation_likelihood":"unlikely","exploitation_impact":"low","title":"\u003cb\u003eMixed Targets on Shared Runtime\u003c/b\u003e named \u003cb\u003eSome Shared Runtime\u003c/b\u003e might enable attackers moving from one less valuable target to a more valuable one","synthetic_id":"mixed-targets-on-shared-runtime@some-shared-runtime","most_relevant_data_asset":"","most_relevant_technical_asset":"","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"some-shared-runtime","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset","some-other-technical-asset"]},{"category":"missing-authentication","risk_status":"unchecked","severity":"elevated","exploitation_likelihood":"likely","exploitation_impact":"medium","title":"\u003cb\u003eMissing Authentication\u003c/b\u003e covering communication link \u003cb\u003eSome Traffic\u003c/b\u003e from \u003cb\u003eSome Technical Asset\u003c/b\u003e to \u003cb\u003eSome Other Technical Asset\u003c/b\u003e","synthetic_id":"missing-authentication@some-technical-asset\u003esome-traffic@some-technical-asset@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"some-technical-asset\u003esome-traffic","data_breach_probability":"possible","data_breach_technical_assets":["some-other-technical-asset"]},{"category":"server-side-request-forgery","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"likely","exploitation_impact":"low","title":"\u003cb\u003eServer-Side Request Forgery (SSRF)\u003c/b\u003e risk at \u003cb\u003eSome Technical Asset\u003c/b\u003e server-side web-requesting the target \u003cb\u003eSome Other Technical Asset\u003c/b\u003e via \u003cb\u003eSome Traffic\u003c/b\u003e","synthetic_id":"server-side-request-forgery@some-technical-asset@some-other-technical-asset@some-technical-asset\u003esome-traffic","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"some-technical-asset\u003esome-traffic","data_breach_probability":"possible","data_breach_technical_assets":["some-technical-asset"]},{"category":"missing-hardening","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"likely","exploitation_impact":"low","title":"\u003cb\u003eMissing Hardening\u003c/b\u003e risk at \u003cb\u003eSome Technical Asset\u003c/b\u003e","synthetic_id":"missing-hardening@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset"]},{"category":"missing-vault","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eMissing Vault (Secret Storage)\u003c/b\u003e in the threat model (referencing asset \u003cb\u003eSome Technical Asset\u003c/b\u003e as an example)","synthetic_id":"missing-vault@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":[]},{"category":"missing-waf","risk_status":"unchecked","severity":"low","exploitation_likelihood":"unlikely","exploitation_impact":"low","title":"\u003cb\u003eMissing Web Application Firewall (WAF)\u003c/b\u003e risk at \u003cb\u003eSome Other Technical Asset\u003c/b\u003e","synthetic_id":"missing-waf@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-other-technical-asset"]},{"category":"unencrypted-asset","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eUnencrypted Technical Asset\u003c/b\u003e named \u003cb\u003eSome Other Technical Asset\u003c/b\u003e","synthetic_id":"unencrypted-asset@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-other-technical-asset"]},{"category":"unencrypted-asset","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eUnencrypted Technical Asset\u003c/b\u003e named \u003cb\u003eSome Technical Asset\u003c/b\u003e","synthetic_id":"unencrypted-asset@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset"]}]

typescript/dist/ModelStub/threagile.yaml

@@ -7,6 +7,8 @@ author:
   name: John Doe
   homepage: null
 management_summary_comment: null
+business_overview: null
+technical_overview: null
 business_criticality: important
 questions: {}
 abuse_cases: {}

typescript/package.json

@@ -8,7 +8,7 @@
     "model:analyse": "cdktg analyse"
   },
   "dependencies": {
-    "cdktg": "^0.0.18",
+    "cdktg": "^0.0.22",
     "constructs": "^10.1.42"
   },
   "devDependencies": {

typescript/yarn.lock

@@ -92,10 +92,10 @@ axios@^0.27.2:
     follow-redirects "^1.14.9"
     form-data "^4.0.0"
 
-cdktg@^0.0.18:
-  version "0.0.18"
-  resolved "https://registry.yarnpkg.com/cdktg/-/cdktg-0.0.18.tgz#c8b9f714c6e034fdfb3140d3d99f91a28e0b2c7d"
-  integrity sha512-apnxeBmVrWPXGaEsrcAZfX0lpd6MDRp+gSM/9MNIZomD7KEr1XmV/7R1VKwit/LIkJbHy+btrpZEtqanSRP2MA==
+cdktg@^0.0.22:
+  version "0.0.22"
+  resolved "https://registry.yarnpkg.com/cdktg/-/cdktg-0.0.22.tgz#629a6f3d9050bb2ff501032b6b06c63c09e967c2"
+  integrity sha512-dtBWOSvyUKuWOnaJGRI4g3qlXfiM6wmn7sO5PGks8al1C0SzRiM3/4IBS1tO9hsNpspcZHKwsF8RjHvK5Bd0Pw==
   dependencies:
     adm-zip "0.5.6"
     axios "^0.27.2"