cisagov · snarve · Feb 11, 2025 · Feb 10, 2025 · Feb 10, 2025
diff --git a/scubagoggles/sample-report/BaselineReports.html b/scubagoggles/sample-report/BaselineReports.html
@@ -22,6 +22,7 @@
     --toggle-height: 25px;
     --toggle-width: 46px;
     --toggle-radius: 18px;
+    --unvisited-link-color: #0000EE;
 }
 
 body {
@@ -152,7 +153,8 @@
     font-family: Arial, Helvetica, sans-serif;
     color: var(--link-color);
     text-decoration: none;
-}</style>
+}
+</style>
         <style>main {
     height: 115vh;
     padding-bottom: 0px;
@@ -221,8 +223,8 @@
                 </div>
             </header>
             <h1>SCuBA GWS Secure Configuration Baseline Reports</h1>
-                        <table style = "text-align:center;">                 <colgroup><col/><col/><col/><col/></colgroup>                 <tr><th>Customer Domain</th><th>Report Date</th></tr>                 <tr><td>example.org</td><td>10/11/2024 14:01:09 Pacific Daylight Time</td></tr>             </table>
-            <br> <br/>
+            <table style = "text-align:center;"><tr><th>Customer Domain</th><th>Report Date</th></tr><tr><td>example.org</td><td>02/10/2025 09:39:58 Pacific Daylight Time</td></tr></table>
+            <br><br>
             <table>
   <thead>
     <tr>
@@ -233,35 +235,35 @@ <h1>SCuBA GWS Secure Configuration Baseline Reports</h1>
   <tbody>
     <tr>
       <td><a class="individual_reports" href=./IndividualReports/CalendarReport.html>Google Calendar</a></td>
-      <td><div class='summary pass'>4 passes</div><div class='summary'></div><div class='summary failure'>1 failure</div><div class='summary manual'>1 manual check</div><div class='summary'></div><div class='summary'></div></td>
+      <td><div class='summary pass'>5 passes</div><div class='summary'></div><div class='summary'></div><div class='summary manual'>1 manual check</div><div class='summary'></div><div class='summary'></div></td>
     </tr>
     <tr>
       <td><a class="individual_reports" href=./IndividualReports/ChatReport.html>Google Chat</a></td>
-      <td><div class='summary pass'>7 passes</div><div class='summary'></div><div class='summary'></div><div class='summary'></div><div class='summary manual'>1 omitted</div><div class='summary'></div></td>
+      <td><div class='summary pass'>5 passes</div><div class='summary warning'>1 warning</div><div class='summary failure'>1 failure</div><div class='summary'></div><div class='summary'></div><div class='summary'></div></td>
     </tr>
     <tr>
       <td><a class="individual_reports" href=./IndividualReports/ClassroomReport.html>Google Classroom</a></td>
       <td><div class='summary pass'>6 passes</div><div class='summary'></div><div class='summary'></div><div class='summary'></div><div class='summary'></div><div class='summary'></div></td>
     </tr>
     <tr>
       <td><a class="individual_reports" href=./IndividualReports/CommoncontrolsReport.html>Common Controls</a></td>
-      <td><div class='summary pass'>12 passes</div><div class='summary'></div><div class='summary failure'>6 failures</div><div class='summary manual'>14 manual checks</div><div class='summary'></div><div class='summary'></div></td>
+      <td><div class='summary pass'>6 passes</div><div class='summary warning'>2 warnings</div><div class='summary failure'>16 failures</div><div class='summary manual'>16 manual checks</div><div class='summary'></div><div class='summary'></div></td>
     </tr>
     <tr>
       <td><a class="individual_reports" href=./IndividualReports/DriveReport.html>Google Drive and Docs</a></td>
-      <td><div class='summary pass'>10 passes</div><div class='summary warning'>3 warnings</div><div class='summary failure'>3 failures</div><div class='summary'></div><div class='summary manual'>1 omitted</div><div class='summary'></div></td>
+      <td><div class='summary pass'>11 passes</div><div class='summary warning'>2 warnings</div><div class='summary failure'>3 failures</div><div class='summary'></div><div class='summary'></div><div class='summary'></div></td>
     </tr>
     <tr>
       <td><a class="individual_reports" href=./IndividualReports/GmailReport.html>Gmail</a></td>
-      <td><div class='summary pass'>25 passes</div><div class='summary warning'>2 warnings</div><div class='summary failure'>5 failures</div><div class='summary manual'>13 manual checks</div><div class='summary'></div><div class='summary'></div></td>
+      <td><div class='summary pass'>20 passes</div><div class='summary warning'>4 warnings</div><div class='summary failure'>8 failures</div><div class='summary manual'>13 manual checks</div><div class='summary'></div><div class='summary'></div></td>
     </tr>
     <tr>
       <td><a class="individual_reports" href=./IndividualReports/GroupsReport.html>Groups for Business</a></td>
-      <td><div class='summary pass'>6 passes</div><div class='summary warning'>1 warning</div><div class='summary'></div><div class='summary'></div><div class='summary'></div><div class='summary'></div></td>
+      <td><div class='summary pass'>4 passes</div><div class='summary warning'>2 warnings</div><div class='summary'></div><div class='summary'></div><div class='summary'></div><div class='summary'></div></td>
     </tr>
     <tr>
       <td><a class="individual_reports" href=./IndividualReports/MeetReport.html>Google Meet</a></td>
-      <td><div class='summary pass'>5 passes</div><div class='summary'></div><div class='summary'></div><div class='summary'></div><div class='summary'></div><div class='summary'></div></td>
+      <td><div class='summary pass'>4 passes</div><div class='summary warning'>1 warning</div><div class='summary'></div><div class='summary'></div><div class='summary'></div><div class='summary'></div></td>
     </tr>
     <tr>
       <td><a class="individual_reports" href=./IndividualReports/RulesReport.html>Rules</a></td>
@@ -273,10 +275,9 @@ <h1>SCuBA GWS Secure Configuration Baseline Reports</h1>
     </tr>
   </tbody>
 </table>
-            <br> <br/>
             <footer>
-                Report generated with <a class="individual_reports" href="https://github.com/cisagov/ScubaGoggles">CISA's ScubaGoggles</a>  tool v0.3.0
+                Report generated with <a class="individual_reports" href="https://github.com/cisagov/ScubaGoggles">CISA's ScubaGoggles</a> tool v0.4.0
             </footer>
         </main>
    </body>
-</html>
+</html>
diff --git a/scubagoggles/sample-report/IndividualReports/CalendarReport.html b/scubagoggles/sample-report/IndividualReports/CalendarReport.html
@@ -22,6 +22,7 @@
     --toggle-height: 25px;
     --toggle-width: 46px;
     --toggle-radius: 18px;
+    --unvisited-link-color: #0000EE;
 }
 
 body {
@@ -152,7 +153,8 @@
     font-family: Arial, Helvetica, sans-serif;
     color: var(--link-color);
     text-decoration: none;
-}</style>
+}
+</style>
         <script>/**
  * Adds the red, green, yellow, and gray coloring to the individual report pages.
  */
@@ -204,7 +206,6 @@
 window.addEventListener('DOMContentLoaded', (event) => {
     colorRows();
 });</script>
-        </script>
     </head>
     <body>
         <main>
@@ -217,9 +218,9 @@
                 </div>
             </header>
             <h1>Google Calendar Baseline Report</h1>
-            <h4><p><br/></p></h4>
-                        <table style = "text-align:center;">                 <colgroup><col/><col/><col/></colgroup>                 <tr><th>Customer Domain </th><th>Report Date</th><th>Baseline Version</th><th>Tool Version</th></tr>                 <tr><td>example.org</td><td>10/11/2024 14:01:08 Pacific Daylight Time</td><td>0.3</td><td>0.3.0</td></tr>             </table>
-            <h2>CALENDAR-1             <a href="https://github.com/cisagov/scubagoggles/blob/v0.3.0/baselines/calendar.md#1-External-Sharing-Options" target="_blank"\>External Sharing Options</a></h2><table>
+
+            <table style = "text-align:center;"><tr><th>Customer Domain</th><th>Report Date</th><th>Baseline Version</th><th>Tool Version</th></tr><tr><td>example.org</td><td>02/10/2025 09:39:56 Pacific Daylight Time</td><td>v0.4</td><td>v0.4.0</td></tr></table>
+            <h2>CALENDAR-1 <a href="https://github.com/cisagov/scubagoggles/blob/v0.4.0/scubagoggles/baselines/calendar.md#1-External-Sharing-Options" target="_blank">External Sharing Options</a></h2><table>
   <thead>
     <tr>
       <th>Control ID</th>
@@ -231,21 +232,21 @@ <h2>CALENDAR-1             <a href="https://github.com/cisagov/scubagoggles/blob
   </thead>
   <tbody>
     <tr>
-      <td>GWS.CALENDAR.1.1v0.3</td>
+      <td>GWS.CALENDAR.1.1v0.4</td>
       <td>External Sharing Options for Primary Calendars SHALL be configured to &quot;Only free/busy information (hide event details).&quot;</td>
       <td>Pass</td>
       <td>Shall</td>
       <td>Requirement met in all OUs and groups.</td>
     </tr>
     <tr>
-      <td>GWS.CALENDAR.1.2v0.3</td>
+      <td>GWS.CALENDAR.1.2v0.4</td>
       <td>External sharing options for secondary calendars SHALL be configured to &quot;Only free/busy information (hide event details).&quot;</td>
-      <td>Fail</td>
+      <td>Pass</td>
       <td>Shall</td>
-      <td>Requirement not met.<br>Highest Level of Sharing: Share all information, and outsiders can change calendars.</td>
+      <td>Requirement met in all OUs and groups.</td>
     </tr>
   </tbody>
-</table><h2>CALENDAR-2             <a href="https://github.com/cisagov/scubagoggles/blob/v0.3.0/baselines/calendar.md#2-External-Invitations-Warnings" target="_blank"\>External Invitations Warnings</a></h2><table>
+</table><h2>CALENDAR-2 <a href="https://github.com/cisagov/scubagoggles/blob/v0.4.0/scubagoggles/baselines/calendar.md#2-External-Invitations-Warnings" target="_blank">External Invitations Warnings</a></h2><table>
   <thead>
     <tr>
       <th>Control ID</th>
@@ -257,14 +258,14 @@ <h2>CALENDAR-1             <a href="https://github.com/cisagov/scubagoggles/blob
   </thead>
   <tbody>
     <tr>
-      <td>GWS.CALENDAR.2.1v0.3</td>
+      <td>GWS.CALENDAR.2.1v0.4</td>
       <td>External invitations warnings SHALL be enabled to prompt users before sending invitations.</td>
       <td>Pass</td>
       <td>Shall</td>
       <td>Requirement met in all OUs and groups.</td>
     </tr>
   </tbody>
-</table><h2>CALENDAR-3             <a href="https://github.com/cisagov/scubagoggles/blob/v0.3.0/baselines/calendar.md#3-Calendar-Interop-Management" target="_blank"\>Calendar Interop Management</a></h2><table>
+</table><h2>CALENDAR-3 <a href="https://github.com/cisagov/scubagoggles/blob/v0.4.0/scubagoggles/baselines/calendar.md#3-Calendar-Interop-Management" target="_blank">Calendar Interop Management</a></h2><table>
   <thead>
     <tr>
       <th>Control ID</th>
@@ -276,21 +277,21 @@ <h2>CALENDAR-1             <a href="https://github.com/cisagov/scubagoggles/blob
   </thead>
   <tbody>
     <tr>
-      <td>GWS.CALENDAR.3.1v0.3</td>
+      <td>GWS.CALENDAR.3.1v0.4</td>
       <td>Calendar Interop SHOULD be disabled.</td>
       <td>Pass</td>
       <td>Should</td>
-      <td>Requirement met.</td>
+      <td>Requirement met in all OUs and groups.</td>
     </tr>
     <tr>
-      <td>GWS.CALENDAR.3.2v0.3</td>
+      <td>GWS.CALENDAR.3.2v0.4</td>
       <td>OAuth 2.0 SHALL be used in lieu of basic authentication to establish connectivity between tenants or organizations in cases where Calendar Interop is deemed necessary for agency mission fulfillment.</td>
       <td>N/A</td>
       <td>Shall/Not-Implemented</td>
       <td>Currently not able to be tested automatically; please manually check.</td>
     </tr>
   </tbody>
-</table><h2>CALENDAR-4             <a href="https://github.com/cisagov/scubagoggles/blob/v0.3.0/baselines/calendar.md#4-Paid-Appointments" target="_blank"\>Paid Appointments</a></h2><table>
+</table><h2>CALENDAR-4 <a href="https://github.com/cisagov/scubagoggles/blob/v0.4.0/scubagoggles/baselines/calendar.md#4-Paid-Appointments" target="_blank">Paid Appointments</a></h2><table>
   <thead>
     <tr>
       <th>Control ID</th>
@@ -302,7 +303,7 @@ <h2>CALENDAR-1             <a href="https://github.com/cisagov/scubagoggles/blob
   </thead>
   <tbody>
     <tr>
-      <td>GWS.CALENDAR.4.1v0.3</td>
+      <td>GWS.CALENDAR.4.1v0.4</td>
       <td>Appointment Schedule with Payments SHALL be disabled.</td>
       <td>Pass</td>
       <td>Shall</td>
@@ -312,4 +313,4 @@ <h2>CALENDAR-1             <a href="https://github.com/cisagov/scubagoggles/blob
 </table>
         </main>
     </body>
-</html>
+</html>
diff --git a/scubagoggles/sample-report/IndividualReports/ChatReport.html b/scubagoggles/sample-report/IndividualReports/ChatReport.html
@@ -22,6 +22,7 @@
     --toggle-height: 25px;
     --toggle-width: 46px;
     --toggle-radius: 18px;
+    --unvisited-link-color: #0000EE;
 }
 
 body {
@@ -152,7 +153,8 @@
     font-family: Arial, Helvetica, sans-serif;
     color: var(--link-color);
     text-decoration: none;
-}</style>
+}
+</style>
         <script>/**
  * Adds the red, green, yellow, and gray coloring to the individual report pages.
  */
@@ -204,7 +206,6 @@
 window.addEventListener('DOMContentLoaded', (event) => {
     colorRows();
 });</script>
-        </script>
     </head>
     <body>
         <main>
@@ -217,9 +218,9 @@
                 </div>
             </header>
             <h1>Google Chat Baseline Report</h1>
-            <h4><p><br/></p></h4>
-                        <table style = "text-align:center;">                 <colgroup><col/><col/><col/></colgroup>                 <tr><th>Customer Domain </th><th>Report Date</th><th>Baseline Version</th><th>Tool Version</th></tr>                 <tr><td>example.org</td><td>10/11/2024 14:01:08 Pacific Daylight Time</td><td>0.3</td><td>0.3.0</td></tr>             </table>
-            <h2>CHAT-1             <a href="https://github.com/cisagov/scubagoggles/blob/v0.3.0/baselines/chat.md#1-Chat-History" target="_blank"\>Chat History</a></h2><table>
+
+            <table style = "text-align:center;"><tr><th>Customer Domain</th><th>Report Date</th><th>Baseline Version</th><th>Tool Version</th></tr><tr><td>example.org</td><td>02/10/2025 09:39:56 Pacific Daylight Time</td><td>v0.4</td><td>v0.4.0</td></tr></table>
+            <h2>CHAT-1 <a href="https://github.com/cisagov/scubagoggles/blob/v0.4.0/scubagoggles/baselines/chat.md#1-Chat-History" target="_blank">Chat History</a></h2><table>
   <thead>
     <tr>
       <th>Control ID</th>
@@ -231,21 +232,21 @@ <h2>CHAT-1             <a href="https://github.com/cisagov/scubagoggles/blob/v0.
   </thead>
   <tbody>
     <tr>
-      <td>GWS.CHAT.1.1v0.3</td>
+      <td>GWS.CHAT.1.1v0.4</td>
       <td>Chat history SHALL be enabled for information traceability.</td>
       <td>Pass</td>
       <td>Shall</td>
       <td>Requirement met in all OUs and groups.</td>
     </tr>
     <tr>
-      <td>GWS.CHAT.1.2v0.3</td>
+      <td>GWS.CHAT.1.2v0.4</td>
       <td>Users SHALL NOT be allowed to change their history setting.</td>
       <td>Pass</td>
       <td>Shall</td>
       <td>Requirement met in all OUs and groups.</td>
     </tr>
   </tbody>
-</table><h2>CHAT-2             <a href="https://github.com/cisagov/scubagoggles/blob/v0.3.0/baselines/chat.md#2-External-File-Sharing" target="_blank"\>External File Sharing</a></h2><table>
+</table><h2>CHAT-2 <a href="https://github.com/cisagov/scubagoggles/blob/v0.4.0/scubagoggles/baselines/chat.md#2-External-File-Sharing" target="_blank">External File Sharing</a></h2><table>
   <thead>
     <tr>
       <th>Control ID</th>
@@ -257,14 +258,14 @@ <h2>CHAT-1             <a href="https://github.com/cisagov/scubagoggles/blob/v0.
   </thead>
   <tbody>
     <tr>
-      <td>GWS.CHAT.2.1v0.3</td>
+      <td>GWS.CHAT.2.1v0.4</td>
       <td>External file sharing SHALL be disabled to protect sensitive information from unauthorized or accidental sharing.</td>
       <td>Pass</td>
       <td>Shall</td>
       <td>Requirement met in all OUs and groups.</td>
     </tr>
   </tbody>
-</table><h2>CHAT-3             <a href="https://github.com/cisagov/scubagoggles/blob/v0.3.0/baselines/chat.md#3-History-for-Spaces" target="_blank"\>History for Spaces</a></h2><table>
+</table><h2>CHAT-3 <a href="https://github.com/cisagov/scubagoggles/blob/v0.4.0/scubagoggles/baselines/chat.md#3-History-for-Spaces" target="_blank">History for Spaces</a></h2><table>
   <thead>
     <tr>
       <th>Control ID</th>
@@ -276,14 +277,14 @@ <h2>CHAT-1             <a href="https://github.com/cisagov/scubagoggles/blob/v0.
   </thead>
   <tbody>
     <tr>
-      <td>GWS.CHAT.3.1v0.3</td>
+      <td>GWS.CHAT.3.1v0.4</td>
       <td>Space history SHOULD be enabled for traceability of information.</td>
-      <td>Pass</td>
+      <td>Warning</td>
       <td>Should</td>
-      <td>Requirement met in all OUs and groups.</td>
+      <td>The following OUs are non-compliant:<ul><li>Org Name: Conversation history settings for spaces is set to: OFF by default</li></ul></td>
     </tr>
   </tbody>
-</table><h2>CHAT-4             <a href="https://github.com/cisagov/scubagoggles/blob/v0.3.0/baselines/chat.md#4-External-Chat-Messaging" target="_blank"\>External Chat Messaging</a></h2><table>
+</table><h2>CHAT-4 <a href="https://github.com/cisagov/scubagoggles/blob/v0.4.0/scubagoggles/baselines/chat.md#4-External-Chat-Messaging" target="_blank">External Chat Messaging</a></h2><table>
   <thead>
     <tr>
       <th>Control ID</th>
@@ -295,33 +296,14 @@ <h2>CHAT-1             <a href="https://github.com/cisagov/scubagoggles/blob/v0.
   </thead>
   <tbody>
     <tr>
-      <td>GWS.CHAT.4.1v0.3</td>
+      <td>GWS.CHAT.4.1v0.4</td>
       <td>External Chat messaging SHALL be restricted to allowlisted domains only.</td>
-      <td>Pass</td>
+      <td>Fail</td>
       <td>Shall</td>
-      <td>Requirement met in all OUs and groups.</td>
-    </tr>
-  </tbody>
-</table><h2>CHAT-5             <a href="https://github.com/cisagov/scubagoggles/blob/v0.3.0/baselines/chat.md#5-DLP-rules" target="_blank"\>DLP rules</a></h2><table>
-  <thead>
-    <tr>
-      <th>Control ID</th>
-      <th>Requirement</th>
-      <th>Result</th>
-      <th>Criticality</th>
-      <th>Details</th>
-    </tr>
-  </thead>
-  <tbody>
-    <tr>
-      <td>GWS.CHAT.5.1v0.3</td>
-      <td>Agencies SHOULD configure DLP rules to block or warn on sharing files with sensitive data.</td>
-      <td>Omitted</td>
-      <td>Should/Not-Implemented</td>
-      <td>Test omitted by user. The DLP capability required by the baselines is implemented by third party product, [x], which ScubaGoggles does not have the ability to check.</td>
+      <td>The following OUs are non-compliant:<ul><li>Lisa Brown: Allow external chat within: all domains</li></ul></td>
     </tr>
   </tbody>
-</table><h2>CHAT-6             <a href="https://github.com/cisagov/scubagoggles/blob/v0.3.0/baselines/chat.md#6-Content-Reporting" target="_blank"\>Content Reporting</a></h2><table>
+</table><h2>CHAT-5 <a href="https://github.com/cisagov/scubagoggles/blob/v0.4.0/scubagoggles/baselines/chat.md#5-Content-Reporting" target="_blank">Content Reporting</a></h2><table>
   <thead>
     <tr>
       <th>Control ID</th>
@@ -333,14 +315,14 @@ <h2>CHAT-1             <a href="https://github.com/cisagov/scubagoggles/blob/v0.
   </thead>
   <tbody>
     <tr>
-      <td>GWS.CHAT.6.1v0.3</td>
+      <td>GWS.CHAT.5.1v0.4</td>
       <td>Chat content reporting SHALL be enabled for all conversation types.</td>
       <td>Pass</td>
       <td>Shall</td>
       <td>Requirement met in all OUs and groups.<br>WARNING: from the log events alone, it is not possible to distinguish between an OU inheriting settings from its parent and content reporting being disabled entirely. It's possible this tool classified some child OUs as compliant due to this limitation; manual check recommended for child OUs due to this edge case.</td>
     </tr>
     <tr>
-      <td>GWS.CHAT.6.2v0.3</td>
+      <td>GWS.CHAT.5.2v0.4</td>
       <td>All reporting message categories SHOULD be selected.</td>
       <td>Pass</td>
       <td>Should</td>
@@ -350,4 +332,4 @@ <h2>CHAT-1             <a href="https://github.com/cisagov/scubagoggles/blob/v0.
 </table>
         </main>
     </body>
-</html>
+</html>