Skip to content

Commit

Permalink
Merge pull request #94 from cisagov/improvement/get-rid-of-latex-warn…
Browse files Browse the repository at this point in the history
…ings

Get rid of LaTeX warnings
  • Loading branch information
jsf9k authored Nov 29, 2023
2 parents 2a79d9e + dd42ac0 commit fc7367f
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 11 deletions.
16 changes: 8 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ expects the secrets in a different location.
To run the `cisagov/pshtt_reporter` image via Docker:

```console
docker run cisagov/pshtt_reporter:1.2.15
docker run cisagov/pshtt_reporter:1.2.16
```

### Running with Docker Compose ###
Expand All @@ -43,7 +43,7 @@ docker run cisagov/pshtt_reporter:1.2.15

services:
pshtt_reporter:
image: cisagov/pshtt_reporter:1.2.15
image: cisagov/pshtt_reporter:1.2.16
volumes:
- type: bind
source: <your_log_dir>
Expand Down Expand Up @@ -89,7 +89,7 @@ environment variables. See the
services:
pshtt_reporter:
image: cisagov/pshtt_reporter:1.2.15
image: cisagov/pshtt_reporter:1.2.16
volumes:
- type: bind
source: <your_log_dir>
Expand Down Expand Up @@ -126,7 +126,7 @@ environment variables. See the
1. Pull the new image:

```console
docker pull cisagov/pshtt_reporter:1.2.15
docker pull cisagov/pshtt_reporter:1.2.16
```

1. Recreate and run the container by following the [previous instructions](#running-with-docker).
Expand All @@ -136,11 +136,11 @@ environment variables. See the
The images of this container are tagged with [semantic
versions](https://semver.org) of the underlying example project that they
containerize. It is recommended that most users use a version tag (e.g.
`:1.2.15`).
`:1.2.16`).

| Image:tag | Description |
|-----------|-------------|
|`cisagov/pshtt_reporter:1.2.15`| An exact release version. |
|`cisagov/pshtt_reporter:1.2.16`| An exact release version. |
|`cisagov/pshtt_reporter:1.2`| The most recent release matching the major and minor version numbers. |
|`cisagov/pshtt_reporter:1`| The most recent release matching the major version number. |
|`cisagov/pshtt_reporter:edge` | The most recent image built from a merge into the `develop` branch of this repository. |
Expand Down Expand Up @@ -204,7 +204,7 @@ Build the image locally using this git repository as the [build context](https:/

```console
docker build \
--tag cisagov/pshtt_reporter:1.2.15 \
--tag cisagov/pshtt_reporter:1.2.16 \
https://github.com/cisagov/pshtt_reporter.git#develop
```

Expand Down Expand Up @@ -235,7 +235,7 @@ Docker:
--file Dockerfile-x \
--platform linux/amd64 \
--output type=docker \
--tag cisagov/pshtt_reporter:1.2.15 .
--tag cisagov/pshtt_reporter:1.2.16 .
```

## Contributing ##
Expand Down
10 changes: 8 additions & 2 deletions src/report/https_scan_report.mustache
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,11 @@
\usepackage{hhline} % used for double horizontal lines in tables
\usepackage{amsmath} % used for {align*} in tables
\usepackage{pgfplots} % used to create line graph
% Gets rid of an xetex warning:
% Package pgfplots Warning: running in backwards compatibility mode
% (unsuitable tick labels; missing features). Consider writing
% \pgfplotsset{compat=1.17} into your preamble
\pgfplotsset{compat=1.17}
\usepackage{tikz} % used to draw graphs
\usepackage{pgf}
\usepackage{url}
Expand Down Expand Up @@ -360,16 +365,17 @@
\newpage
\renewcommand{\footrulewidth}{0.4pt}
\section{Executive Summary}
\label{sec:executive summary}
\label{sec:executive_summary}
Hypertext Transfer Protocol (HTTP) connections can be easily monitored, modified, and impersonated; HTTPS remedies each vulnerability. HTTP Strict Transport Security (HSTS) ensures that browsers always use an https:// connection, and removes the ability for users to click through certificate-related warnings.

In 2015, \href{https://https.cio.gov/}{OMB M-15-13} required all existing Federal websites and web services to be accessible through a secure connection (HTTPS-only, with HSTS). In 2017, the .gov registry began \href{https://home.dotgov.gov/hsts-preloading/}{automatically preloading} new federal .gov domains as HSTS-only in modern browsers. Federal agencies must make more progress on HTTPS and HSTS deployment, including by removing support for known-weak cryptographic protocols and ciphers.

This weekly report, created by the \href{https://www.cisa.gov/}{Cybersecurity and Infrastructure Security Agency (CISA)}, is intended to assist your agency to comply with the web security aspects of Binding Operational Directive (BOD) 18-01. Implementation guidance can be found at \href{https://cyber.dhs.gov/guide}{https://cyber.dhs.gov/guide} and \href{https://https.cio.gov}{https://https.cio.gov}. This report also helps agencies to \href{https://https.cio.gov/hsts/#hsts-preloading}{``preload" their domains} to better enforce the protections BOD 18-01 requires.
\vspace*{-3mm}
\phantomsection
\addcontentsline{toc}{subsection}{Overview} % Adds a subsection to toc
\subsection*{Overview}
\hypertarget{Overview}{\subsection*{Overview}}
\vspace*{-3mm}
\raggedright
We measure the presence and enforcement of HTTPS for your agency's publicly-accessible .gov domains. \textbf{This report includes all agency-registered \href{https://github.com/cisagov/dotgov-data/blob/main/current-federal.csv}{second-level .gov domains} and known subdomains}, collectively referred to as ``hostnames" in this document (see the \hyperref[sec:methodology]{\color{dhs-blue}{Methodology}} section for a description of how these hostnames are collected). Hostnames which do nothing but redirect to other websites \textit{are} measured. Hostnames that did not respond to HTTP/HTTPS requests are considered `non-web' and are removed from the compliance figures below.
Expand Down
2 changes: 1 addition & 1 deletion src/version.txt
Original file line number Diff line number Diff line change
@@ -1 +1 @@
__version__ = "1.2.15"
__version__ = "1.2.16"

0 comments on commit fc7367f

Please sign in to comment.