chore: integrate with latest gemara layer4

Signed-off-by: Travis Truman <trumant@gmail.com>

Author: trumant

evaluation_plans/osps/access_control/evaluations.go

@@ -10,7 +10,7 @@ import (
 
 func OSPS_AC_01() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-AC-01",
+		ControlId: "OSPS-AC-01",
 	}
 
 	evaluation.AddAssessment(
@@ -31,7 +31,7 @@ func OSPS_AC_01() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_AC_02() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-AC-02",
+		ControlId: "OSPS-AC-02",
 	}
 
 	evaluation.AddAssessment(
@@ -52,7 +52,7 @@ func OSPS_AC_02() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_AC_03() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-AC-03",
+		ControlId: "OSPS-AC-03",
 	}
 
 	evaluation.AddAssessment(
@@ -86,7 +86,7 @@ func OSPS_AC_03() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_AC_04() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-AC-04",
+		ControlId: "OSPS-AC-04",
 	}
 
 	evaluation.AddAssessment(

evaluation_plans/osps/access_control/steps.go

@@ -6,7 +6,7 @@ import (
 	"github.com/revanite-io/pvtr-github-repo/evaluation_plans/reusable_steps"
 )
 
-func orgRequiresMFA(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func orgRequiresMFA(payloadData any) (result layer4.Result, message string) {
 	payload, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -22,7 +22,7 @@ func orgRequiresMFA(payloadData any, _ map[string]*layer4.Change) (result layer4
 	return layer4.Failed, "Two-factor authentication is NOT configured as required by the parent organization"
 }
 
-func branchProtectionRestrictsPushes(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func branchProtectionRestrictsPushes(payloadData any) (result layer4.Result, message string) {
 	payload, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -42,7 +42,7 @@ func branchProtectionRestrictsPushes(payloadData any, _ map[string]*layer4.Chang
 	return
 }
 
-func branchProtectionPreventsDeletion(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func branchProtectionPreventsDeletion(payloadData any) (result layer4.Result, message string) {
 	payload, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -60,7 +60,7 @@ func branchProtectionPreventsDeletion(payloadData any, _ map[string]*layer4.Chan
 	return
 }
 
-func workflowDefaultReadPermissions(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func workflowDefaultReadPermissions(payloadData any) (result layer4.Result, message string) {
 	payload, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message

evaluation_plans/osps/access_control/steps_test.go

@@ -61,7 +61,7 @@ func Test_orgRequiresMFA(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			gotResult, gotMessage := orgRequiresMFA(tt.payload, map[string]*layer4.Change{})
+			gotResult, gotMessage := orgRequiresMFA(tt.payload)
 			assert.Equal(t, tt.wantResult, gotResult)
 			assert.Equal(t, tt.wantMessage, gotMessage)
 		})

evaluation_plans/osps/build_release/evaluations.go

@@ -10,7 +10,7 @@ import (
 
 func OSPS_BR_01() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-BR-01",
+		ControlId: "OSPS-BR-01",
 	}
 
 	evaluation.AddAssessment(
@@ -44,7 +44,7 @@ func OSPS_BR_01() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_BR_02() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-BR-02",
+		ControlId: "OSPS-BR-02",
 	}
 
 	evaluation.AddAssessment(
@@ -78,7 +78,7 @@ func OSPS_BR_02() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_BR_03() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-BR-03",
+		ControlId: "OSPS-BR-03",
 	}
 
 	evaluation.AddAssessment(
@@ -113,7 +113,7 @@ func OSPS_BR_03() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_BR_04() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-BR-04",
+		ControlId: "OSPS-BR-04",
 	}
 
 	evaluation.AddAssessment(
@@ -134,7 +134,7 @@ func OSPS_BR_04() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_BR_05() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-BR-05",
+		ControlId: "OSPS-BR-05",
 	}
 
 	evaluation.AddAssessment(
@@ -154,7 +154,7 @@ func OSPS_BR_05() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_BR_06() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-BR-06",
+		ControlId: "OSPS-BR-06",
 	}
 
 	evaluation.AddAssessment(
@@ -176,7 +176,7 @@ func OSPS_BR_06() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_BR_07() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-BR-07",
+		ControlId: "OSPS-BR-07",
 	}
 
 	evaluation.AddAssessment(

evaluation_plans/osps/build_release/steps.go

@@ -33,7 +33,7 @@ var untrustedVarsRegex = `.*(github\.event\.issue\.title|` +
 	`github\.event\.pull_request\.head\.repo\.default_branch|` +
 	`github\.head_ref).*`
 
-func cicdSanitizedInputParameters(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func cicdSanitizedInputParameters(payloadData any) (result layer4.Result, message string) {
 
 	// parse the payload and see if we pass our checks
 	data, message := reusable_steps.VerifyPayload(payloadData)
@@ -154,7 +154,7 @@ func pullVariablesFromScript(script string) []string {
 
 }
 
-func releaseHasUniqueIdentifier(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func releaseHasUniqueIdentifier(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -232,7 +232,7 @@ func insecureURI(uri string) bool {
 	return true
 }
 
-func ensureInsightsLinksUseHTTPS(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func ensureInsightsLinksUseHTTPS(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -251,7 +251,7 @@ func ensureInsightsLinksUseHTTPS(payloadData any, _ map[string]*layer4.Change) (
 	return layer4.Passed, "All links use HTTPS"
 }
 
-func ensureLatestReleaseHasChangelog(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func ensureLatestReleaseHasChangelog(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -264,7 +264,7 @@ func ensureLatestReleaseHasChangelog(payloadData any, _ map[string]*layer4.Chang
 	return layer4.Failed, "The latest release does not have mention of a changelog: \n" + releaseDescription
 }
 
-func insightsHasSlsaAttestation(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func insightsHasSlsaAttestation(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -280,7 +280,7 @@ func insightsHasSlsaAttestation(payloadData any, _ map[string]*layer4.Change) (r
 	return layer4.Failed, "No SLSA attestation found in security insights"
 }
 
-func distributionPointsUseHTTPS(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func distributionPointsUseHTTPS(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -304,7 +304,7 @@ func distributionPointsUseHTTPS(payloadData any, _ map[string]*layer4.Change) (r
 	return layer4.Passed, "All distribution points use HTTPS"
 }
 
-func secretScanningInUse(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func secretScanningInUse(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message

evaluation_plans/osps/docs/evaluations.go

@@ -10,7 +10,7 @@ import (
 
 func OSPS_DO_01() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-DO-01",
+		ControlId: "OSPS-DO-01",
 	}
 
 	evaluation.AddAssessment(
@@ -33,7 +33,7 @@ func OSPS_DO_01() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_DO_02() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-DO-02",
+		ControlId: "OSPS-DO-02",
 	}
 
 	evaluation.AddAssessment(
@@ -56,7 +56,7 @@ func OSPS_DO_02() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_DO_03() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-DO-03",
+		ControlId: "OSPS-DO-03",
 	}
 
 	evaluation.AddAssessment(
@@ -90,7 +90,7 @@ func OSPS_DO_03() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_DO_04() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-DO-04",
+		ControlId: "OSPS-DO-04",
 	}
 
 	evaluation.AddAssessment(
@@ -109,7 +109,7 @@ func OSPS_DO_04() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_DO_05() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-DO-05",
+		ControlId: "OSPS-DO-05",
 	}
 
 	evaluation.AddAssessment(
@@ -128,7 +128,7 @@ func OSPS_DO_05() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_DO_06() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-DO-06",
+		ControlId: "OSPS-DO-06",
 	}
 
 	evaluation.AddAssessment(

evaluation_plans/osps/docs/steps.go

@@ -6,7 +6,7 @@ import (
 	"github.com/revanite-io/pvtr-github-repo/evaluation_plans/reusable_steps"
 )
 
-func hasSupportDocs(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func hasSupportDocs(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -20,7 +20,7 @@ func hasSupportDocs(payloadData any, _ map[string]*layer4.Change) (result layer4
 	return layer4.Failed, "A support.md file or support statements in the readme.md was NOT found"
 }
 
-func hasUserGuides(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func hasUserGuides(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -33,7 +33,7 @@ func hasUserGuides(payloadData any, _ map[string]*layer4.Change) (result layer4.
 	return layer4.Passed, "User guide was specified in Security Insights data"
 }
 
-func acceptsVulnReports(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func acceptsVulnReports(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -46,7 +46,7 @@ func acceptsVulnReports(payloadData any, _ map[string]*layer4.Change) (result la
 	return layer4.Failed, "Repository does not accept vulnerability reports"
 }
 
-func hasSignatureVerificationGuide(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func hasSignatureVerificationGuide(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -59,7 +59,7 @@ func hasSignatureVerificationGuide(payloadData any, _ map[string]*layer4.Change)
 	return layer4.Passed, "Signature verification guide was specified in Security Insights data"
 }
 
-func hasDependencyManagementPolicy(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func hasDependencyManagementPolicy(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -72,7 +72,7 @@ func hasDependencyManagementPolicy(payloadData any, _ map[string]*layer4.Change)
 	return layer4.Passed, "Dependency management policy was specified in Security Insights data"
 }
 
-func hasIdentityVerificationGuide(payloadData any, _ map[string]*layer4.Change) (result layer4.Result, message string) {
+func hasIdentityVerificationGuide(payloadData any) (result layer4.Result, message string) {
 	data, message := reusable_steps.VerifyPayload(payloadData)
 	if message != "" {
 		return layer4.Unknown, message
@@ -83,4 +83,4 @@ func hasIdentityVerificationGuide(payloadData any, _ map[string]*layer4.Change)
 	}
 
 	return layer4.Passed, "Identity verification guide was specified in Security Insights data (found in signature-verification field)"
-}
+}

evaluation_plans/osps/governance/evaluations.go

@@ -10,7 +10,7 @@ import (
 
 func OSPS_GV_01() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-GV-01",
+		ControlId: "OSPS-GV-01",
 	}
 
 	evaluation.AddAssessment(
@@ -45,7 +45,7 @@ func OSPS_GV_01() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_GV_02() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-GV-02",
+		ControlId: "OSPS-GV-02",
 	}
 
 	evaluation.AddAssessment(
@@ -66,7 +66,7 @@ func OSPS_GV_02() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_GV_03() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-GV-03",
+		ControlId: "OSPS-GV-03",
 	}
 
 	evaluation.AddAssessment(
@@ -102,7 +102,7 @@ func OSPS_GV_03() (evaluation *layer4.ControlEvaluation) {
 
 func OSPS_GV_04() (evaluation *layer4.ControlEvaluation) {
 	evaluation = &layer4.ControlEvaluation{
-		ControlID: "OSPS-GV-04",
+		ControlId: "OSPS-GV-04",
 	}
 
 	evaluation.AddAssessment(