f95cc4b13d
Replace named real-world entity with fictional generic Norwegian
public-sector entity ("Direktoratet for digital tjenesteutvikling",
DDT) across the design system reference scenarios and root docs.
Repository is a private personal project; references to a real
organization were unintended and unrelated to the project.
- Rename: security-vegvesen.html -> security-direktorat.html
- Persona: replaced with fictional Kari Nordmann
- Domain refs / acronym / rule-IDs: SVV* -> DDT*
- Internal system names (Autosys etc.): replaced with fictional names
Phase 2 (plugin-internal references) follows in next commit.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
88 lines
3.2 KiB
JSON
88 lines
3.2 KiB
JSON
{
|
|
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
"$id": "https://playground-ds.no/schemas/finding.json",
|
|
"title": "Finding",
|
|
"description": "Et enkelt funn fra en plugin-skanning. Brukes av llm-security, config-audit, ultraplan-review og ms-ai-review.",
|
|
"type": "object",
|
|
"required": ["id", "title", "severity", "source"],
|
|
"properties": {
|
|
"id": {
|
|
"type": "string",
|
|
"description": "Stabil ID, f.eks. DDT-2026-118-F-001",
|
|
"pattern": "^[A-Z0-9-]{4,}$"
|
|
},
|
|
"title": { "type": "string", "minLength": 4, "maxLength": 140 },
|
|
"severity": {
|
|
"enum": ["info", "low", "medium", "high", "critical"],
|
|
"description": "Standard 5-trinns skala. Maps til CSS-tokens --color-severity-*."
|
|
},
|
|
"score": {
|
|
"type": "number", "minimum": 0, "maximum": 10,
|
|
"description": "CVSS-lignende numerisk score. Valgfri — severity er primær."
|
|
},
|
|
"rules": {
|
|
"type": "array",
|
|
"items": { "type": "string", "pattern": "^[A-Z]{2,4}[0-9]{2}(\\.[0-9]+)?$" },
|
|
"description": "Regler/categories truffet, f.eks. LLM01, ASI02, DDT01"
|
|
},
|
|
"source": {
|
|
"type": "object",
|
|
"required": ["kind", "ref"],
|
|
"properties": {
|
|
"kind": { "enum": ["document", "prompt-response", "code-file", "config-file", "okr-set"] },
|
|
"ref": { "type": "string", "description": "Filnavn / URL / sak-ID" },
|
|
"line": { "type": "integer", "minimum": 1 },
|
|
"col": { "type": "integer", "minimum": 0 },
|
|
"snippet": { "type": "string", "maxLength": 800 }
|
|
}
|
|
},
|
|
"evidence": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"required": ["kind", "value"],
|
|
"properties": {
|
|
"kind": { "enum": ["text", "codepoint", "metric", "url", "image"] },
|
|
"value": { "type": "string" },
|
|
"label": { "type": "string" }
|
|
}
|
|
}
|
|
},
|
|
"rationale": { "type": "string", "description": "Norsk forklaring av hvorfor dette er et problem i denne konteksten" },
|
|
"recommendation": {
|
|
"type": "object",
|
|
"properties": {
|
|
"summary": { "type": "string" },
|
|
"steps": { "type": "array", "items": { "type": "string" } },
|
|
"ttf": { "type": "string", "description": "Tid til løsning, f.eks. '2 t', '1 d', '5 d'" },
|
|
"owner": { "type": "string", "description": "Foreslått eier (rolle eller person)" }
|
|
}
|
|
},
|
|
"references": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"properties": {
|
|
"label": { "type": "string" },
|
|
"url": { "type": "string", "format": "uri" }
|
|
}
|
|
}
|
|
},
|
|
"status": {
|
|
"enum": ["new", "acknowledged", "in-progress", "fixed", "accepted-risk", "false-positive"],
|
|
"default": "new"
|
|
},
|
|
"acceptance": {
|
|
"type": "object",
|
|
"description": "Påkrevd hvis status = accepted-risk og severity ≥ high",
|
|
"properties": {
|
|
"approver": { "type": "string" },
|
|
"date": { "type": "string", "format": "date" },
|
|
"rationale": { "type": "string" },
|
|
"review_by": { "type": "string", "format": "date" }
|
|
}
|
|
},
|
|
"created": { "type": "string", "format": "date-time" },
|
|
"updated": { "type": "string", "format": "date-time" }
|
|
}
|
|
}
|