sei-renae
diff --git a/‎.github/ISSUE_TEMPLATE/bug_report.md‎
Lines changed: 1 addition & 0 deletions b/‎.github/ISSUE_TEMPLATE/bug_report.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/ISSUE_TEMPLATE/question.md‎
Lines changed: 1 addition & 1 deletion b/‎.github/ISSUE_TEMPLATE/question.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/PULL_REQUEST_TEMPLATE/pull_request_template.md‎
Lines changed: 3 additions & 3 deletions b/‎.github/PULL_REQUEST_TEMPLATE/pull_request_template.md‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎.github/workflows/deploy_site.yml‎
Lines changed: 2 additions & 1 deletion b/‎.github/workflows/deploy_site.yml‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎.github/workflows/lint_md_changes.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/lint_md_changes.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/python-app.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/python-app.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎Dockerfile‎
Lines changed: 13 additions & 8 deletions b/‎Dockerfile‎
Lines changed: 13 additions & 8 deletions
diff --git a/‎LICENSE‎
Lines changed: 46 additions & 65 deletions b/‎LICENSE‎
Lines changed: 46 additions & 65 deletions
diff --git a/‎Makefile‎
Lines changed: 66 additions & 0 deletions b/‎Makefile‎
Lines changed: 66 additions & 0 deletions
@@ -12,6 +12,7 @@ A clear and concise description of what the bug is.
 
 **To Reproduce**
 Steps to reproduce the behavior:
+
 1. Go to '...'
 2. Click on '....'
 3. Scroll down to '....'
 
@@ -7,6 +7,6 @@ assignees: ''
 
 ---
 
-_Note:_ Questions for the SSVC team can be asked here in the form of an issue. More general questions directed at the SSVC user community
+*Note:* Questions for the SSVC team can be asked here in the form of an issue. More general questions directed at the SSVC user community
 might be a better fit in the [Q&A](https://github.com/CERTCC/SSVC/discussions/categories/q-a) category of our
 [Discussions](https://github.com/CERTCC/SSVC/discussions) area.
@@ -4,7 +4,7 @@
   not just a reference to an issue number. PR titles are used in the commit log
   and release notes, so they need to convey meaning on their own.
 - Most pull requests should be in response to an issue, and ideally a PR will
-  resolve or close one or more issues. 
+  resolve or close one or more issues.
 - If a PR only partially resolves an issue,
   we suggest spawning one or more child issues from the main issue to identify what portion
   of the issue is resolved by the PR, and what work remains to be done.
@@ -13,5 +13,5 @@
 - Using bulleted lists with the issue id at the end lets github automatically
   link the issue and provide the title inline. E.g.: `- resolves #99999`
 - CoPilot summaries are welcome in the PR description, but please provide a brief
-description of the changes in your own words as well. CoPilot can be good at the _what_,
-but not so good at the _why_.
+description of the changes in your own words as well. CoPilot can be good at the *what*,
+but not so good at the *why*.
@@ -37,7 +37,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
-          python-version: '3.10'
+          python-version: '3.12'
 
       - name: Install dependencies
         run: |
@@ -49,6 +49,7 @@ jobs:
 
       - name: Build Site
         run: |
+          export PYTHONPATH=src:$PYTHONPATH
           mkdocs build --verbose --clean --config-file mkdocs.yml       
 
       - name: Upload artifact
 
@@ -16,12 +16,12 @@ jobs:
     - uses: actions/checkout@v4
       with:
         fetch-depth: 0
-    - uses: tj-actions/changed-files@v44
+    - uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c
       id: changed-files
       with:
         files: '**/*.md'
         separator: ","
-    - uses: DavidAnson/markdownlint-cli2-action@v16
+    - uses: DavidAnson/markdownlint-cli2-action@v20
       if: steps.changed-files.outputs.any_changed == 'true'
       with:
         globs: ${{ steps.changed-files.outputs.all_changed_files }}
 
@@ -21,10 +21,10 @@ jobs:
     - uses: actions/checkout@v4
       with:
         fetch-tags: true
-    - name: Set up Python 3.10
+    - name: Set up Python 3.12
       uses: actions/setup-python@v5
       with:
-        python-version: "3.10"
+        python-version: "3.12"
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip
 
@@ -1,18 +1,23 @@
-FROM python:3.12-slim-bookworm
-
+FROM python:3.12-slim-bookworm AS base
+RUN pip install --upgrade pip
 WORKDIR /app
 
+FROM base AS dependencies
+
 # install requirements
 COPY requirements.txt .
 RUN pip install -r requirements.txt
-
 # Copy the files we need
-COPY src/ .
-COPY data ./data
+COPY . /app
+# Set the environment variable
+ENV PYTHONPATH=/app/src
 
+
+FROM dependencies AS test
 # install pytest
 RUN pip install pytest
-
 # run the unit tests \
-ENTRYPOINT ["pytest"]
-CMD ["test"]
+CMD ["pytest","src/test"]
+
+FROM dependencies AS docs
+CMD ["mkdocs", "serve", "--dev-addr", "0.0.0.0:8000"]
@@ -1,67 +1,48 @@
-The following license applies to software contained in this repository.
+Different directories in this repository are subject to different licenses. Please consult each directory for its applicable license.
+
+---
+
+The following statement applies to markdown, pdf, bib, and text files (documentation):
+
+Copyright 2025 Carnegie Mellon University.
+ 
+This material is based upon work funded and supported by the Department of Homeland Security under Contract No. FA8702-15-D-0002 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center sponsored by the United States Department of Defense. 
+ 
+The view, opinions, and/or findings contained in this material are those of the author(s) and should not be construed as an official Government position, policy, or decision, unless designated by other documentation.
+ 
+NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
+ 
+[DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution.  Please see Copyright notice for non-US Government use and distribution.
+ 
+This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.  Requests for permission for non-licensed uses should be directed to the Software Engineering Institute at permission@sei.cmu.edu.
+CERT Coordination Center® is registered in the U.S. Patent and Trademark Office by Carnegie Mellon University.
+ 
+DM24-0278
+
+---
+
+The following statement applies to py, json, csv, sh, toml files (software):
+
+Copyright 2025 Carnegie Mellon University.
+ 
+Licensed under a MIT (SEI)-style license, please see license.txt or contact permission@sei.cmu.edu for full terms.
+ 
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+ 
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+ 
+This Software includes and/or can make use of certain third party software ("Third Party Software"). The Third Party Software that is used by the software is dependent upon your system configuration, but typically includes the software identified in this license.txt file, and/or described in the documentation and/or read me file. By using this software, you agree to comply with any and all relevant Third Party Software terms and conditions contained in any such Third Party Software or separate license file distributed with such Third Party Software. The parties who own the Third Party Software ("Third Party Licensors") are intended third party beneficiaries to this License with respect to the terms applicable to their Third Party Software. Third Party Software licenses only apply to the Third Party Software and not any other portion of SEI Software or this software as a whole.
+ 
+This material is based upon work funded and supported by the Department of Defense under Contract No. FA8702-15-D-0002 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. 
+ 
+The view, opinions, and/or findings contained in this material are those of the author(s) and should not be construed as an official Government position, policy, or decision, unless designated by other documentation. 
+ 
+References herein to any specific commercial product, process, or service by trade name, trade mark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by Carnegie Mellon University or its Software Engineering Institute.
+ 
+NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
+ 
+[DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution.  Please see Copyright notice for non-US Government use and distribution.
+ 
+DM24-0278
 
-----
-MIT License
 
-Copyright (c) 2020-2025 Carnegie Mellon University
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
-----
-The following statement applies to PDF, markdown, and text documents contained in this repository.
-
-This material is based upon work funded and supported by the Department of Defense
-under Contract No. FA8702-15-D-0002 with Carnegie Mellon University for the operation
-of the Software Engineering Institute, a federally funded research and development center.
-
-The view, opinions, and/or findings contained in this material are those of the author(s)
-and should not be construed as an official Government position, policy, or decision, unless
-designated by other documentation.
-
-References herein to any specific commercial product, process, or service by trade name,
-trade mark, manufacturer, or otherwise, does not necessarily constitute or imply its
-endorsement, recommendation, or favoring by Carnegie Mellon University or its
-Software Engineering Institute.
-
-NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL
-IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND,
-EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF
-FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE
-MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT
-TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.
-
-[DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution.
-Please see Copyright notice for non-US Government use and distribution.
-
-Internal use:
-* Permission to reproduce this material and to prepare derivative works from this material for internal
-use is granted, provided the copyright and “No Warranty” statements are included with all reproductions
-and derivative works.
-
-External use:
-* This material may be reproduced in its entirety, without modification, and freely distributed in
-written or electronic form without requesting formal permission. Permission is required for any
-other external and/or commercial use. Requests for permission should be directed to the
-Software Engineering Institute at permission@sei.cmu.edu.
-
-* These restrictions do not apply to U.S. government entities.
-
-Carnegie Mellon®, CERT Coordination Center® and OCTAVE® are registered in the U.S. Patent and
-Trademark Office by Carnegie Mellon University.
-DM18-1203, DM19-1222
@@ -0,0 +1,66 @@
+# Project-specific vars
+PFX=ssvc
+DOCKER=docker
+DOCKER_BUILD=$(DOCKER) build
+DOCKER_RUN=$(DOCKER) run --tty --rm
+PROJECT_VOLUME=--volume $(shell pwd):/app
+MKDOCS_PORT=8765
+
+# docker names
+TEST_DOCKER_TARGET=test
+TEST_IMAGE = $(PFX)_test
+DOCS_DOCKER_TARGET=docs
+DOCS_IMAGE = $(PFX)_docs
+
+# Targets
+.PHONY: all dockerbuild_test dockerrun_test dockerbuild_docs dockerrun_docs docs docker_test clean help
+
+all: help
+
+mdlint_fix:
+	@echo "Running markdownlint..."
+	markdownlint --config .markdownlint.yml --fix .
+
+dockerbuild_test:
+	@echo "Building the test Docker image..."
+	$(DOCKER_BUILD) --target $(TEST_DOCKER_TARGET) --tag $(TEST_IMAGE) .
+
+dockerrun_test:
+	@echo "Running the test Docker image..."
+	$(DOCKER_RUN) $(PROJECT_VOLUME) $(TEST_IMAGE)
+
+dockerbuild_docs:
+	@echo "Building the docs Docker image..."
+	$(DOCKER_BUILD) --target $(DOCS_DOCKER_TARGET) --tag $(DOCS_IMAGE) .
+
+dockerrun_docs:
+	@echo "Running the docs Docker image..."
+	$(DOCKER_RUN) --publish $(MKDOCS_PORT):8000 $(PROJECT_VOLUME) $(DOCS_IMAGE)
+
+
+docs: dockerbuild_docs dockerrun_docs
+docker_test: dockerbuild_test dockerrun_test
+
+clean:
+	@echo "Cleaning up..."
+	$(DOCKER) rmi $(TEST_IMAGE) $(DOCS_IMAGE) || true
+
+help:
+	@echo "Usage: make [target]"
+	@echo ""
+	@echo "Targets:"
+	@echo " all         - Display this help message"
+	@echo " mdlint_fix  - Run markdownlint with --fix"
+	@echo " docs        - Build and run the docs Docker image"
+	@echo " docker_test - Build and run the test Docker image"
+	@echo ""
+	@echo " dockerbuild_test - Build the test Docker image"
+	@echo " dockerrun_test   - Run the test Docker image"
+	@echo " dockerbuild_docs - Build the docs Docker image"
+	@echo " dockerrun_docs   - Run the docs Docker image"
+	@echo ""
+	@echo " clean - Remove the Docker images"
+	@echo " help  - Display this help message"
+
+
+