OHDF Mapper Development Course Enhancements

[charleshu-8]

Planned rework for OHDF mapper course release v2:

• Schema
  • Go into more detail on possible content for each field (e.g., control tags).
• Environment set up
  • Link to Codespace. Leave manual env. set up as optional 2nd portion.
• Lab content rework
  • De-document mapping/mapper creation section (e.g., Go-Sec run-down). Try to break out from steps and format into more digestible sections.
    • Add more explanations for what's going on as we build up the mapper code as well.
  • Rework to follow the mapper components idea (fingerprinting, testing, mapper). First show mapping, then show fingerprinting implementation, then testing implementation, then mapper implementation.
  • Add non-guided lab examples (SARIF & JFrog mappers that @Rlin232 created) that necessitate student to build new system along above guided section.
  • Add section alongside guided lab where we show the result during development progress (i.e., print via Jest and Heimdall).
  • Move SAF CLI to lab section or at least append the process towards the end of the lab to allow acknowledgement of integration w/ SAF CLI.
    • Convert to course.
  • Parity check between gosec & DBProtect mapper examples.
• Add content
  • Add mapper name to OHDF-Converters README
  • Add mapper name to Heimdall format tooltip
  • Add mapper to SAF CLI generic convert command
• Continue adding w/ A Look Ahead/Knowledge Check sections to rest of course.
• Address issue where development environment for Heimdall doesn't work for non-Safari browsers.
  • Probably addressed by Codespace instance; move to actual issue on Heimdall side.
• Finish user survey.
• Probably want to either delete the More Practice section or rework it heavily to mirror an unguided lab v2.

Reminders/notes:

• Audience: Software engineers. Assume minimum competency along those lines.
• Give breathers/asides after heavy sections.
• Split into groups to perform practice examples; regroup and have each group address a section.
• Ideally is a 6-8 hour course in 1 day.

[andytang99]

Update template for SAF CLI integration in the appendix to make sure that the json.stringify is formatted. This is in the Skeleton Convert Command File section. fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf())) -> fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))

[github-actions]

Stale issue message