Content repository for open source Drutiny policies and profiles.
License: GNU General Public License v3.0
This respository provides policies and profiles for Drutiny in YAML format compatible with the Drutiny
localFs PolicySource and
ProfileSource adapters.
The contents of this repository are compiled into the API endpoints found at https://drutiny.github.io/api/v2/
which are consumed by the DrutinyGithubIo PolicySource
and ProfileSource adapters.
This respository is available as a composer package, generally used for local development. It is a require-dev
dependency for drutiny/drutiny.
I believe I am getting false positives for this policy:
https://github.com/drutiny/content/blob/master/Policy/acquia/cloud-edge-caching.policy.yml
This site returns HIT for header: cf-cache-status but the policy outputs "Failed"
$ drutiny policy:audit Acquia:CloudEdgeCaching @craind83.prod --uri=https://autoweek.com -vvv
[notice] Loading profile sources
[notice] cskb.acquia.com has 69 polices.
[notice] drutiny.github.io has 235 polices.
[notice] localfs has 0 polices.
[info] Loaded policy sources in 0.42s
[info] Cache hit for Acquia:CloudEdgeCaching from drutiny.github.io
PHP Warning: dirname() expects parameter 1 to be string, object given in /Users/mark.felton/TAM-Tools/drutiny-cs-adaptor/vendor/drutiny/drutiny/src/Report/Format.php on line 159
Warning: dirname() expects parameter 1 to be string, object given in /Users/mark.felton/TAM-Tools/drutiny-cs-adaptor/vendor/drutiny/drutiny/src/Report/Format.php on line 159
[debug] Cache hit for: drush sa @craind83.prod --format=json
[debug] Reporting period set 2019-06-04 22:00:00 America/New_York to 2019-06-05 22:00:00 America/New_York
[info] Cache hit for Acquia:CloudEdgeCaching from drutiny.github.io
[info] Assessing policy...
[debug] Reporting period set 2019-06-04 22:06:44 America/New_York to 2019-06-05 22:06:44 America/New_York
[debug] Reporting period set 2019-06-04 22:00:00 America/New_York to 2019-06-05 22:00:00 America/New_York
[info] Auditing Acquia:CloudEdgeCaching
[info] Evaluating expression: (Policy("HTTP:Cache-Control") == "success")
[info] Running policy HTTP:Cache-Control audit inside dependency expression.
[info] Cache hit for HTTP:Cache-Control from drutiny.github.io
[debug] Reporting period set 2019-06-04 22:06:44 America/New_York to 2019-06-05 22:06:44 America/New_York
[info] Auditing HTTP:Cache-Control
[info] Drutiny\Http\Audit\Http: GET https://autoweek.com
[debug] Tokens:
header: Cache-Control
regex: max-age=
_chart: { }
url: 'https://autoweek.com'
force_ssl: false
method: GET
options: { }
status_code: null
use_cache: true
[debug] Policy(HTTP:Cache-Control) returned "success".
[debug] Drutiny\Policy\Dependency: Expression PASSED: 1
[info] Drutiny\Http\Audit\Http: GET https://autoweek.com
[debug] Tokens:
header: cf-cache-status
header_value: HIT
_chart: { }
url: 'https://autoweek.com'
force_ssl: false
method: GET
options: { }
status_code: null
use_cache: true
# Policy Audit: Acquia:CloudEdgeCaching
22:06 - June 5th, 2019
https://autoweek.com
## Policy Outcome
### Cloud Edge Caching
โ Failed [severity=medium]
When Cloudflare is successfully caching a page it will send out `CF-Cache-Status`
headers with caching information for the page requested. The value should be HIT
Acquia Cloud Edge did not hit cache.
#### Remediation
Please review your Cloud Edge settings to ensure page caching is enabled. Also
check Drupal cache settings to ensure the page requested is cacheable.
Running the same policy on http://autoweek.com works.
content/Policy/drupal-7/user1.policy.yml defaults to 1 for account status. This is active, as noted in the file. However, when the check fails (i.e. account status is inactive), it reports as: "User #1 is not secure. Status is not set correctly. Should be inactive."
If User 1 is set the active, the check clears and reports: "User #1 is locked down. ... Status is set to 1"
>>> \Drupal::getContainer()->getParameter('twig.config');
=> [
"debug" => false,
"auto_reload" => false,
"cache" => true,
]
On Acquia Cloud, using the recommended snippet to enable the use of memcache as a default cache backend, you simply need the module present in your codebase, but not necessarily enabled:
Should we disable this dependency on https://github.com/drutiny/content/blob/master/Policy/drupal-8/memcacheDefaultCacheBackend.policy.yml#L37 ?
Some of the incompatible policies went in as Drupal-7 namespace instead of Drupal-8.
The Remediation and Passed values in the D8 Health Analysis profile are not translatable in template/profile/policy files. Brian Schilt helped me to investigate this and he found that these values come from the JSON.php file:
Also, there are some cases where values like dates, and tables generated by in PHP files are not translatable in template/profile/policy files:
I created this ticket as a placeholder for items related to translations because we will eventually be moving this to CSKB. Feel free to defer this issue to a future release
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.