Added SSVC Calculator and fixed uv editable requirements.txt file. (#937)

Author: ahouseholder

docs/ssvc-calc/css.css

@@ -1,4 +1,4 @@
-/* css version 2.2.9 */
+/* css version 2.2.10 */
 #helper {
     background-color: rgba(255,255,255,0.95);
     border: 1px solid grey;
@@ -464,3 +464,7 @@ pre {
 textPath {
 cursor: pointer;
 }
+.blackbody .swal2-popup {
+  background: #222;
+  color: #eee;
+}

docs/ssvc-calc/findex.html

@@ -52,9 +52,10 @@
     <link rel="stylesheet" href="main.css">
     <link rel="stylesheet" href="css.css?v=1663537129">
     <script src="ungraph.js?v=1663537129"></script>
+    <script src="https://cdn.jsdelivr.net/npm/sweetalert2@11" async defer></script>
   </head>
   <body class="text-center whitebody">
-    <img src="moon_icon.png" class="cert-tweet" alt="CERT Logo"
+    <img src="moon_icon.png" class="cert-tweet" alt="CERT Logo" style="display:none"
          onclick="$('body').toggleClass('blackbody').toggleClass('whitebody')"/>
     <div class="tright" style="display:none">
       <a href="javascript:void(0)" onclick="$('#helper').show()"
@@ -97,48 +98,39 @@ <h3 class="brand">
 
       <main class="inner cover">
 	<h4 class="cover-heading">
-	  <select id="graph-ungraph" class="form-control mauto"
-		  onchange="swapg(this)">
-	    <option value="Graphic">Mode: Graphic</option>
-	    <option value="Analyst">Mode: Analyst</option>		
-	  </select>	      
-	  Dryad - SSVC Calc App
+	  Sample Decision Models:
 	  <select id="tree_samples" class="form-control impselector embedded" style="border: 1px solid"
 		   onchange="tree_process(this)">
 	    <option value="">Select</option>
 	    <option value="import">Import Tree</option>
 	  </select>
-	  
+	  <button class="btn btn-sm btn-outline-info" onclick="promptMultipleCVEs()">
+	    Multiple CVEs
+	  </button>
 	  <div class="cover_heading_append d-none">
 	    (CISA Coordinator v2)
 	  </div>
 	  <button type="button" class="btn btn-secondary" id="exportopen"
 		  data-toggle="tooltip" data-placement="bottom"
-		  title="Show Export" style="display:none"
+		  title="Show Export" 
 		  onclick="export_show(false)">
-	    Export</button>
-	  
+	    Export
+	  </button>
 	</h4>
 	<div class="alert" id="topalert" role="alert">
 	  This is an alert!
 	</div>
-	<p class="lead graphy">
+	<p class="lead graphy-old" style="display:none">
 	  <button type="button" class="btn btn-primary" id="dt_start"
 		  data-toggle="tooltip" data-placement="bottom"
-		  title="Start walking the SSVC decision tree"
-		  onclick="dt_start()">
-	    Start Decision</button>
+		  title="Use SSVC Decision Tree to evaluate one or more vulnerabilities"
+		  onclick="evaluate_vuls()">
+	    Evaluate Vulnerability</button>
 	  <button type="button" class="btn btn-danger" id="dt_clear"
 		  data-toggle="tooltip" data-placement="bottom"
 		  title="Clear all decisions and start over"
-		  onclick="dt_clear()">
-	    Clear All</button>
-	  <button type="button" class="btn btn-info" id="dt_full_tree"
-		  data-toggle="tooltip" data-placement="bottom"
-		  title="Explore the full decision tree of this SSVC Instance"
-		  onclick="show_full_tree()">
-	    Show Full Tree
-	  </button>
+		  onclick="check_all()">
+	    Check All</button>
 	  <a href="javascript:void(0)" title="View previous score"
 	     alt="View previous score" id="table_toggle" style="display:none"
 	     onclick="cve_table_toggle()">
@@ -151,13 +143,15 @@ <h4 class="cover-heading">
 	    <tbody><tr></tr></tbody>
 	  </table>
 	</p>
+	<section id="evaluate_section"></section>
 	<div id="zoomcontrol" class="graphy embedded d-none">
 	  <div class="d-none">&#128269;</div>
 	  <input type="range" orient="vertical" alt="Zoom Graph"
 		 max="100" min="0" value="100" title="Zoom Graph"
 		 onchange="svgzoom(this)">
-	  </div>
-	<div id="graph" class="position-relative graphy embedded" style="margin-left: 20px">
+	</div>	
+	<div id="graph" class="position-relative graphy embedded"
+	     style="border: 1px solid rgba(1,1,1,0.1)">
 	</div>
 	<div id="ungraph" class="position-relative d-none">
 	  <table class="table table-borderless">
@@ -429,70 +423,79 @@ <h4>Decision Tree Usage:</h4>
     </div>
     <div id="exporter" class="d-none">
       <div class="row justify-content-center position-absolute exportdiv">
-	<div class="export-header">
-	  <h3> Export Calculated Score</h3>
-	  <button type="button" aria-label="Close" class="close h3" onclick="$(this).parent().parent().remove()">
+	<div class="export-header" style="padding-bottom:8px">
+	  <h3> Export Calculated SSVC Score</h3>
+	  <button type="button" aria-label="Close" class="close h3" onclick="export_close()">
 	    <span aria-hidden="true">×</span>
 	  </button>
 	</div>
 	  <div class="col-auto">
 	    <table class="table table-borderless w-auto">
 	      <tbody>
 		<tr>
-		  <td>
-		    <input type="text" placeholder="ID CVE/VU#"
-			   class="form-control exportId">
+		  <td style="padding:2px">
+		    <label>
+		    Timestamp: <input type="text" placeholder="timestamp UTC like 2025-01-01T12:00:00Z" name="timestamp"
+			   class="form-control timestamp" pattern="[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]+)?Z" style="width:auto; display:inline-block;min-width:24ch;">
+		    </label>
+		    <label class="custom-control custom-switch">
+		      <input class="custom-control-input" type="checkbox" name="include_outcome" checked>
+		      <span class="custom-control-label">Include Outcomes</span>
+		    </label>
+		    <label class="custom-control custom-switch">
+		      <input type="checkbox" class="custom-control-input export-resources"
+			     onchange="export_optional(this.checked)">
+		      <span class="custom-control-label text-muted">Provide resource information</span>
+		    </label>
 		  </td>
 		</tr>
-		<tr>
-		  <td>
-		    <select  class="form-control exportRole">
-		      <option value="" disabled selected>Select Role</option>
-		      <option>Coordinator</option>
-		      <option>Supplier</option>
-		      <option>Deployer</option>
-		      <option>Other</option>
-		    </select>
+		<tr class="export-optional d-none">
+		  <td style="padding:2px">
+		    <div style="border: 1px dotted grey">
+		      For Vulnerability:
+		     <span class="vulninfo text-muted"></span>
+		    
+		    <ul style="margin-bottom:1px">
+		      <li style="list-style:none; position:relative; border: 1px dashed grey;">
+		      <input type="text" placeholder="URL of Decision Tree schema" name="decision_point_resources-0-uri"class="form-control">
+		      <input type="text" placeholder="Description of Decision Tree URL" name="decision_point_resources-0-summary" class="form-control">
+		      <button class="btn" title="Add Row" style="position:absolute; right:0px; bottom: 0px"
+			      aria-label="Add Row"
+			      onclick="duplicate(this.parentNode)">
+			 <span aria-hidden="true">&#8853;</span>
+		      </button>
+		      </li>
+		    </ul>
+		    <ul style="margin-bottom:1px">
+		      <li style="list-style:none; position:relative; border: 1px dashed grey;">
+			<input type="text" placeholder="URL of resources used for selection" name="references-0-uri" class="form-control">
+			<input type="text" placeholder="Description of the Resources URL" name="references-0-summary" class="form-control">
+			<button class="btn" title="Add Row" style="position:absolute; right:0px; bottom: 0px"
+			      aria-label="Add Row"
+			      onclick="duplicate(this.parentNode)">
+			  <span aria-hidden="true">&#8853;</span>
+			</button>			
+		      </li>
+		    </ul>
+		    </div>
 		  </td>
-		</tr>
+		</tr>		
 		<tr>
-		  <td>
-		    <div>
-		      <span class="text ssvcvector d-inline">
-		      </span>
-		      <span onclick="copym('#graph .ssvcvector')">
-			<img src="icons8-copy-60.png"
-			     class="icon8"/>
-		      </span>
-		      <span onclick="create_permalink('copy')">
-			<img src="icons8-copy-link-48.png"
-			     class="icon8"/>
-		      </span>
-		      <br/>
-		      <span class="permalink d-none"
-			    style="font-size:1px; position:fixed">
-		      </span>
-		    </div>
+		  <td style="padding:2px">
+		    <label class="custom-control custom-switch">
+			<input type="checkbox" unchecked="" class="custom-control-input includetree" value="">
+			<span class="custom-control-label text-muted">Include decision tree in export</span>
+		    </label>
 
-		    <input type="checkbox" class="includetree" unchecked>
-		    <span class="text-muted">
-		      Include decision tree in export
-		    </span>
-		    <div>
-		      Contact: 
-		      <input type="text" id="contact" class="form-control"
-			     value="DHS CISA can be contacted at cisa@cisa.dhs.gov"/>
-		    </div>
-		    <br/>
 		    <div class="btn-group primary-button Exporter">
 		      <button type="button" class="btn btn-primary dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
 			Export
 		      </button>
 		      <div class="dropdown-menu">
-			<a class="dropdown-item" href="javascript:void(0)"
-			   onclick="export_json()">JSON</a>
-			<a class="dropdown-item" href="javascript:void(0)"
-			   onclick="export_pdf()">PDF</a>
+			<button class="dropdown-item" href="javascript:void(0)"
+				onclick="export_json()">JSON</button>
+			<button class="dropdown-item" href="javascript:void(0)" disabled
+				onclick="export_pdf()">PDF</button>
 			<!-- 
 			     <div class="dropdown-divider"></div>
 			     <a class="dropdown-item" href="#">Separated link</a>

docs/ssvc-calc/index.md

@@ -1,11 +1,16 @@
-# SSVC Calculator
+---
+hide:
+  - navigation
+  - title
+---
+
+# Dryad SSVC Calculator
 
 <style>
 .sembed {
   min-width: 1200px;
   min-height: 1100px;
-  margin-left: -40%;
-  margin-top: -15%;
+  margin-top: -5%;
   z-index: 1;
   position: relative;
 }