Merge branch 'main' into feat/vuln

wurstbrot · web-flow · commit 1dcf7a03f7de · 2024-08-30T09:43:11.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,21 @@
+## [1.11.1](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/compare/v1.11.0...v1.11.1) (2024-07-31)
+
+
+### Bug Fixes
+
+* formatting ([4b37b45](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/commit/4b37b45c9a5f40c2f739f0e8509b7d07fe736224))
+
+# [1.11.0](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/compare/v1.10.1...v1.11.0) (2024-07-19)
+
+
+### Features
+
+* add auto merge of PRs ([8f9ea61](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/commit/8f9ea61b80c2dab6aea733e35da0ad665618ff44))
+* Add dep track to visualization ([162da73](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/commit/162da7338f4e1ad690637122516fd1873147a9e0))
+* add patching ([7233396](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/commit/7233396cfc8e8a72cc75f53bbe9067101178fdd2))
+* move SCA to level 2 ([11dafa2](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/commit/11dafa271acff38c9c8ae2cca7c3a72022e9df7a))
+* move SCA to level 2 ([51b8cd1](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/commit/51b8cd13daec712acee77ec3710557da95453dda))
+
 ## [1.10.1](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/compare/v1.10.0...v1.10.1) (2023-11-15)
 
 
diff --git a/src/assets/YAML/default/BuildAndDeployment/PatchManagement.yaml b/src/assets/YAML/default/BuildAndDeployment/PatchManagement.yaml
@@ -39,6 +39,7 @@ Build and Deployment:
       measure:
         Fast patching of third party component is needed. The DevOps way is
         to have an automated pull request for new components. This includes
+
         * Applications
         * Virtualized operating system components (e.g. container images)
         * Operating Systems
@@ -47,7 +48,7 @@ Build and Deployment:
         knowledge: 2
         time: 2
         resources: 2
-      usefulness: 5
+      usefulness: 4
       level: 1
       implementation:
         - $ref: src/assets/YAML/default/implementations.yaml#/implementations/dependabot
@@ -62,8 +63,8 @@ Build and Deployment:
           - 12.6.1
           - 14.2.5
         iso27001-2022:
-          - 8.8
-          - 8.27
+          - "8.8"
+          - "8.27"
       comments: ""
       tags:
         - patching
diff --git a/src/assets/YAML/default/CultureAndOrganization/Design.yaml b/src/assets/YAML/default/CultureAndOrganization/Design.yaml
@@ -273,7 +273,7 @@ Culture and Organization:
     Information security targets are communicated:
       uuid: 1b9281b9-48e2-4c01-9ac6-9db9931c4885
       risk:
-        Employees don't known their organizations security targets. Therefore
+        Employees don't know their organizations security targets. Therefore
         security is not considered during development and administration as much as
         it should be.
       measure:
diff --git a/src/assets/YAML/generated/generated.yaml b/src/assets/YAML/generated/generated.yaml
@@ -13838,4 +13838,4 @@ Test and Verification:
         Default: false
         B: false
         C: false
-...
+...
