Skip to content

Commit ca77d15

Browse files
committed
fix(assessments/guide): linting, spelling, links
Signed-off-by: Marco De Benedictis <marco.de-benedictis@control-plane.io>
1 parent 78c626d commit ca77d15

File tree

1 file changed

+15
-15
lines changed

1 file changed

+15
-15
lines changed

community/assessments/guide/README.md

+15-15
Original file line numberDiff line numberDiff line change
@@ -6,20 +6,20 @@ should be assessed during a TAG-Security Security Assessment (TSSA).
66

77
* [Roles](#roles)
88
* [TSSA package steps](#tssa-package-steps)
9-
* [New projects](#new-projects)
9+
* [Abbreviated project assessment](#abbreviated-project-assessment)
1010
1. [Self-assessment](#complete-a-self-assessment)
1111
2. [Create issue](#create-a-presentation-issue)
1212
3. [Present](#present-the-project-and-self-assessment)
1313
4. [Submit PR](#submit-a-pr-to-include-the-self-assessment-in-the-repo)
14-
* [Growing projects](#growing-projects)
14+
* [More detailed project assessment](#more-detailed-project-assessment)
1515
1. [Create issue](#create-tracking-issue)
16-
2. [Draft joint assessment](#project-provides-the-joint-assessment-and-reviewers-are-assigned)
17-
3. [Reviewers assigned](#project-provides)
16+
2. [Self-assessment](#project-creates-a-self-assessment)
17+
3. [Reviewers assigned](#project-provides-the-self-assessment-and-reviewers-are-assigned)
1818
4. [Conflict of interest](#conflict-of-interest-statement-and-review)
1919
5. [Clarifying questions](#clarifying-questions-phase)
20-
6. [Assessment](#security-assessment-with-optional-hands-on-assessment)
20+
6. [Assessment](#security-assessment)
2121
7. [Presentation](#presentation)
22-
8. [Final summary](#final-summary)
22+
8. [Final artifacts](#final-artifacts-which-are-committed)
2323
9. [Survey](#post-assessment-survey)
2424
* [Additional process notes](#additional-process-notes)
2525

@@ -37,9 +37,9 @@ stages](https://github.com/cncf/toc/tree/main/process).
3737

3838
### Abbreviated project assessment
3939

40-
Projects which are very early on in their maturity may use a short process to
40+
Projects which are very early on in their maturity may use a short process to
4141
get some initial feedback by documenting their threat model and security design.
42-
They use an abbreviated process which does not result in a joint assessment or a
42+
They use an abbreviated process which does not result in a joint assessment or a
4343
detailed review by TAG Security.
4444

4545
Note: Responsible roles for specific items are in **bold**
@@ -48,7 +48,7 @@ Note: Responsible roles for specific items are in **bold**
4848

4949
The self-assessment provides projects with the opportunity to examine the
5050
existing security provisions of the project. It can serve as their initial
51-
security documentation for users.
51+
security documentation for users.
5252

5353
#### Create a [presentation issue](https://github.com/cncf/tag-security/issues/new?assignees=&labels=usecase-presentation&template=presentation.md&title=%5BPresentation%5D+Presentation+Title)
5454

@@ -97,7 +97,7 @@ created to coordinate the activities.
9797
#### Project creates a self-assessment
9898

9999
As is listed in the above section, the project should create a self-assessment.
100-
This should be created as a google doc to make it easier for the TAG Security
100+
This should be created as a google doc to make it easier for the TAG Security
101101
members to edit and comment upon.
102102

103103
#### Project provides the self assessment and reviewers are assigned
@@ -153,12 +153,12 @@ prior to the *3 week* time frame for a TSSA.
153153
* **Lead security reviewer or their designee** will perform an initial, clarifying
154154
assessment to:
155155
* Verify completeness
156-
* Ask for clarifications
156+
* Ask for clarification
157157
* Ensure terms are defined
158158
* Ensure concepts introduced are explained with context
159159
* Provide quick feedback
160160

161-
**Imporantantly, comments on the document should be addressed in the document text, as
161+
**Importantly, comments on the document should be addressed in the document text, as
162162
the comments will be lost when the document is later converted to markdown.**
163163

164164
#### Security assessment
@@ -194,10 +194,10 @@ questions and feedback to the reviewers and project.
194194

195195
The assessment team also should give a quick rundown of the assessment recommendations.
196196

197-
#### Final artefacts which are committed
197+
#### Final artifacts which are committed
198198

199-
The self assessment and joint assessment are added to the repository under a
200-
directory named for the project name. The issue may then be closed and the PR
199+
The self assessment and joint assessment are added to the repository under a
200+
directory named for the project name. The issue may then be closed and the PR
201201
merged.
202202

203203
#### [Post-assessment survey](review-survey.md)

0 commit comments

Comments
 (0)