cisagov/ScubaGear issues and pull requests

#1319 - Add a badge for the functional tests

Pull Request - State: open - Opened by james-garriss 5 days ago
Labels: enhancement

#1318 - Bump OPA version from v0.67.1 to v0.68.0

Pull Request - State: open - Opened by github-actions[bot] 5 days ago
Labels: version bump

#1317 - Update the Functional and Smoke Tests to use the ScubaResults.json rather than the ProviderSettingsExport.json

Issue - State: open - Opened by buidav 5 days ago
Labels: enhancement

#1316 - Make ScubaResults.json the default JSON output

Pull Request - State: open - Opened by buidav 5 days ago
Labels: breaking change, enhancement

#1315 - ScubaGear crashes when running OPA executable on some systems using UNC file paths

Issue - State: open - Opened by tkol2022 9 days ago
Labels: bug

#1314 - Make a guide on how meet ScubaGear checks

Issue - State: open - Opened by buidav 9 days ago
Labels: documentation

#1313 - Add timing information to ScubaGear results

Issue - State: open - Opened by schrolla 10 days ago
Labels: enhancement

#1312 - Adding Conditional Access Policy Implementation Instructions to AAD 1.1

Pull Request - State: open - Opened by dagarwal-mitre 12 days ago
Labels: documentation

#1311 - SharePoint not authenticating "No valid OAuth 2.0 authentication session exists"

Issue - State: closed - Opened by kamsalisbury 13 days ago - 2 comments
Labels: public-reported

#1310 - Enhance AAD provider to handle nested PIM groups and refactor Get-PrivilegedUser to reduce code duplication

Pull Request - State: open - Opened by tkol2022 13 days ago - 9 comments
Labels: bug, enhancement

#1309 - Add policy check for SharePoint 3.2 when using service principal and remove deprecated Get-SPOSite parameter

Pull Request - State: open - Opened by mitchelbaker-cisa 16 days ago - 3 comments
Labels: bug, enhancement

#1308 - Update SharePoint policies 1.3 and 1.4 with less verbose language

Issue - State: open - Opened by mitchelbaker-cisa 16 days ago

#1307 - SharePoint incorrectly produces N/A for policy 3.3

Issue - State: open - Opened by mitchelbaker-cisa 16 days ago

#1306 - AAD provider crashes when a PIM group contains nested group assignments

Issue - State: open - Opened by tkol2022 16 days ago
Labels: bug

#1305 - AAD provider crashes if a user or group assigned to a PIM group gets deleted before running ScubaGear

Issue - State: open - Opened by tkol2022 16 days ago
Labels: bug

#1304 - ScubaResults.json file encoded with UTF-8 BOM

Issue - State: open - Opened by schrolla 16 days ago - 1 comment
Labels: enhancement

#1303 - Determine what types of nesting is possible with Entra Id and Entra Id PIM groups

Issue - State: open - Opened by tkol2022 16 days ago - 4 comments
Labels: hands-on-prototyping

#1302 - Fix encoding issue by removing BOM from provider output files

Pull Request - State: open - Opened by schrolla 16 days ago - 16 comments
Labels: bug, public-reported

#1301 - Notify TCOs when nightly functional tests fail

Pull Request - State: open - Opened by james-garriss 16 days ago - 1 comment
Labels: enhancement

#1300 - Add initialize-scuba to execution page

Pull Request - State: closed - Opened by james-garriss 16 days ago - 2 comments
Labels: documentation

#1299 - Error with OPA parsing, only for Defender

Issue - State: open - Opened by skirkpatrickms 16 days ago - 3 comments
Labels: public-reported

#1298 - Change the title of the reports to include "Secure Configuration Baseline"

Issue - State: open - Opened by adhilto 17 days ago
Labels: enhancement

#1297 - Remove workflow unit tests from CI pipeline

Pull Request - State: closed - Opened by james-garriss 23 days ago - 1 comment
Labels: enhancement, Testing

#1296 - Fix failing smoke tests

Issue - State: open - Opened by james-garriss 23 days ago - 1 comment
Labels: bug

#1295 - Bump OPA version from v0.66.0 to v0.68.0

Pull Request - State: closed - Opened by github-actions[bot] 23 days ago - 1 comment
Labels: version bump

#1294 - Improve functional testing by adding condition validation support function

Issue - State: open - Opened by schrolla 24 days ago
Labels: enhancement, Testing

#1293 - Update Iceburg SCBs to adjudicate comments made by JCDC during CB publication review

Pull Request - State: closed - Opened by ahuynhMITRE 24 days ago - 1 comment
Labels: baseline-document

#1292 - Reworked EXO Unit Tests to use 1 JSON

Pull Request - State: closed - Opened by dagarwal-mitre 24 days ago - 1 comment
Labels: enhancement, Testing

#1291 - Update Iceburg SCBs to adjudicate comments made by JCDC

Issue - State: closed - Opened by ahuynhMITRE 26 days ago
Labels: baseline-document

#1290 - Remove HTML elements from ScubaResults.json

Issue - State: open - Opened by adhilto 26 days ago
Labels: enhancement

#1289 - Connect the rationales provided via config file with the csv output

Issue - State: open - Opened by adhilto 26 days ago
Labels: enhancement

#1288 - Get-PrivilegedUser fails when a Privileged Entra Id role is assigned to a group

Issue - State: open - Opened by thetolkienblackguy 27 days ago - 17 comments
Labels: bug, public-reported

#1287 - Portions of the provider output include a lot of redundant information

Issue - State: open - Opened by adhilto 27 days ago
Labels: enhancement

#1286 - Highly encourage use of MergeJson flag in the documentation

Issue - State: open - Opened by adhilto 27 days ago
Labels: documentation

#1285 - Add ScubaGear version update available notification

Issue - State: open - Opened by schrolla 30 days ago
Labels: enhancement

#1284 - Provide guidance on the permissions required for viewing Defender alerts

Issue - State: open - Opened by mitchelbaker-cisa about 1 month ago
Labels: baseline-document

#1283 - Convert issue templates in markdown to Github's issue forms

Issue - State: open - Opened by mitchelbaker-cisa about 1 month ago
Labels: enhancement, baseline-document

#1282 - Refactor Defender Unit test to pull from central Jsons

Pull Request - State: open - Opened by Sloane4 about 1 month ago
Labels: enhancement, Testing

#1281 - Enhance csv version of output

Pull Request - State: closed - Opened by adhilto about 1 month ago - 16 comments
Labels: enhancement

#1280 - Fix the Azure GitHub link in the Microsoft Teams baseline markdown document

Pull Request - State: closed - Opened by buidav about 1 month ago
Labels: bug, baseline-document

#1279 - Minor Teams baseline invalid markdown error

Issue - State: closed - Opened by buidav about 1 month ago
Labels: bug, baseline-document

#1278 - Concurrent runs of conflicting test jobs may fail when running nightly functional tests workflow

Issue - State: open - Opened by schrolla about 1 month ago - 3 comments
Labels: bug, Testing

#1277 - Fix failing defender functional tests

Pull Request - State: closed - Opened by schrolla about 1 month ago - 1 comment
Labels: bug, Testing

#1276 - Determine impacts of Microsoft new mandatory enforcement of MFA for Azure and admin portals

Issue - State: open - Opened by tkol2022 about 1 month ago
Labels: need info

#1272 - Prototype SharePoint integration with Microsoft Entra B2B to determine if Scuba should augment policies to cover the integration

Issue - State: open - Opened by tkol2022 about 1 month ago
Labels: hands-on-prototyping

#1271 - CI pipeline should not be running workflow unit tests

Issue - State: closed - Opened by james-garriss about 1 month ago - 1 comment
Labels: bug

#1268 - Sharepoint functional tests for policy 3.2 non applicable cases need to remove unnecessary fields to get rid of warnings

Issue - State: open - Opened by tkol2022 about 2 months ago
Labels: bug, Testing

#1263 - Add Initialize-Scuba to execution page

Issue - State: closed - Opened by james-garriss about 2 months ago
Labels: documentation, enhancement

#1262 - Add initialization tests to CI pipeline

Issue - State: open - Opened by james-garriss about 2 months ago
Labels: enhancement

#1259 - Bump OPA version from v0.66.0 to v0.67.1

Pull Request - State: closed - Opened by github-actions[bot] about 2 months ago - 3 comments
Labels: version bump

#1245 - Fix some issues with the markdown in the AAD/EntraID documentation.

Pull Request - State: closed - Opened by WellKnitTech about 2 months ago - 1 comment
Labels: baseline-document, public-reported

#1242 - unable to parse input: yaml: line 3902: found unknown escape character

Issue - State: open - Opened by git891 about 2 months ago - 1 comment
Labels: bug, public-reported

#1238 - Reduce MS.AAD.5.4v1 good setting threshold to 0 when setting is discontinued

Pull Request - State: closed - Opened by rmoffitt-m about 2 months ago - 2 comments
Labels: bug, wontfix

#1236 - Refactor AAD/Defender nightly tests to run over a longer period of time

Issue - State: closed - Opened by james-garriss about 2 months ago - 1 comment
Labels: bug, enhancement, Testing

#1228 - Remove MS.SHAREPOINT.4.1v1 policy and references (baseline only)

Pull Request - State: closed - Opened by ahuynhMITRE about 2 months ago - 2 comments
Labels: baseline-document

#1222 - Create a GitHub Action to deploy baselines to cisa.gov Drupal site

Issue - State: open - Opened by mitchelbaker-cisa 2 months ago
Labels: hands-on-prototyping

#1216 - Impact Analysis - Follow-up investigation of Microsoft change to Sharepoint custom scripting

Issue - State: open - Opened by ahuynhMITRE 2 months ago - 7 comments
Labels: need info

#1214 - unable to parse input: yaml: line 1136: found unknown escape character (Defender)

Issue - State: open - Opened by pegasass 2 months ago - 2 comments
Labels: public-reported

#1209 - Ensure functional testing is stable and reliable

Issue - State: open - Opened by schrolla 2 months ago - 2 comments
Labels: bug, epic, Testing

#1205 - Make MergeJson the default behavior

Issue - State: open - Opened by adhilto 3 months ago - 2 comments
Labels: enhancement

#1193 - Individual product report.json files are not covered by smoke test

Issue - State: closed - Opened by mitchelbaker-cisa 3 months ago - 3 comments
Labels: enhancement, Testing

#1184 - Perform detailed code review of AAD Rego policies that check conditional access

Issue - State: open - Opened by tkol2022 3 months ago - 3 comments
Labels: code-review

#1170 - AAD Rego policies that examine conditional access are not checking for guest user exclusions or application exclusions

Issue - State: open - Opened by tkol2022 3 months ago - 3 comments
Labels: bug

#1161 - Using unsupported OPA version results in warning

Issue - State: closed - Opened by grepcatman 3 months ago - 2 comments
Labels: public-reported

#1160 - Review Microsoft zero trust guidance on conditional access policies for impacts to Scuba

Issue - State: open - Opened by tkol2022 3 months ago
Labels: enhancement, baseline-document

#1138 - Ensure robust escape handling for ScubaGear inputs

Issue - State: open - Opened by schrolla 4 months ago - 2 comments
Labels: bug, epic

#1136 - Centralize constant values to single location

Issue - State: open - Opened by james-garriss 4 months ago
Labels: epic, enhancement

#1111 - Refactor EXO Unit Tests

Issue - State: closed - Opened by Sloane4 4 months ago
Labels: enhancement, Testing

#1093 - SharePoint functional test plan for the spo variant is failing/erroring for multiple policies

Issue - State: open - Opened by nanda-katikaneni 5 months ago
Labels: bug, Testing

#1092 - Add a backup path to look for the OPA executable in the current directory

Pull Request - State: closed - Opened by buidav 5 months ago - 2 comments
Labels: enhancement

#1073 - Service Principal Security

Issue - State: open - Opened by schrolla 5 months ago
Labels: epic

#1072 - Prototype M365 Auditing Changes and Enhancements

Issue - State: open - Opened by schrolla 5 months ago - 3 comments
Labels: epic, enhancement

#1059 - Teams product testing with ScubaGear on a GCCHIGH tenant throws a warning about 'invalid teams environment name for migration api'

Issue - State: open - Opened by nanda-katikaneni 6 months ago
Labels: bug

#1055 - Defender functional tests fail due to timing/cache issues

Issue - State: closed - Opened by schrolla 6 months ago - 1 comment
Labels: bug, Testing

#1026 - Enhance csv version of output

Issue - State: closed - Opened by adhilto 6 months ago - 1 comment
Labels: enhancement

#990 - Defender errors when running against DLP policies with \. And \T syntax

Issue - State: open - Opened by ahuynhMITRE 6 months ago - 1 comment
Labels: bug

#982 - Enhance AAD policy 1.1 instructions by including a conditional access policy template

Issue - State: open - Opened by tkol2022 6 months ago
Labels: baseline-document

#957 - Proof of Concept - Sharepoint provider MSAL authentication and REST API to get missing fields and uniform API invocation

Issue - State: open - Opened by twneale 7 months ago - 7 comments
Labels: hands-on-prototyping

GitHub / cisagov/ScubaGear issues and pull requests