Name: vsaq
Owner: Vox Media
Description: VSAQ is an interactive questionnaire application to assess the security programs of third parties.
Forked from: google/vsaq
Created: 2016-11-08 14:31:40.0
Updated: 2016-11-08 14:31:42.0
Pushed: 2016-03-09 16:18:12.0
Homepage: https://vsaq-demo.withgoogle.com
Size: 163
Language: JavaScript
GitHub Committers
| User | Most Recent Commit | # Commits |
|---|
Other Committers
| User | Most Recent Commit | # Commits |
|---|
Note: VSAQ is not an official Google product (experimental or otherwise); it's just code that happens to be owned by Google.
VSAQ is an interactive questionnaire application. Its initial purpose was to support security reviews by facilitating not only the collection of information, but also the redisplay of collected data in templated form.
At Google, questionnaires like the ones in this repository are used to assess the security programs of third parties. But the templates provided can be used for a variety of purposes, including doing a self-assessment of your own security program, or simply becoming familiar with issues affecting the security of web applications.
To test the application without deploying it, go to https://vsaq-demo.withgoogle.com.
These instructions have been tested with the following software:
These instructions assume a working directory of the repository root.
VSAQ includes an easy-to-use setup script called do.sh. It supports the
following commands:
./do.sh {install_deps|check_deps}./do.sh {build|build_prod|build_templates|build_docs} [debug]./do.sh {run}./do.sh {clean|clean_deps}./do.sh {lint}To build VSAQ, run the following commands:
./do.sh install_deps./do.sh buildTo run the VSAQ development server locally, use the run command:
./do.sh runNote that the development app server uses a snapshot of the code, taken at the time you run it. If you make changes to the code, be sure to run the appropriate build command again and restart the dev server:
./do.sh build to refresh the source code, static files, and templates../do.sh build_templates to rebuild only the Closure Templates. Then
run ./do.sh run to restart the dev server.The open source version of VSAQ does not require a dedicated back end. This means VSAQ can be hosted as a static application on any web server.
To deploy VSAQ, complete the following steps:
./do.sh build_prod ? This will run a normal build, but will also remove
test files.build directory into any directory hosted on your
web server.Example: https://vsaq-demo.withgoogle.com/vsaq.html?qpath=questionnaires/test_template.json
The reference implementation in the client_side_only_impl folder requires no
code to run on a back end. All operations are performed by vsaq_main.js in the
browser.
Although this makes deployment very easy, you may want to run a custom
server-side component for storing answers and mapping questionnaires
to users. vsaq_main.js provides example code for submitting and loading questionnaire
answers to/from a back end:
submitQuestionnaireToServer_ Submits questionnaire answers to a back end.loadAnswersFromServer_ Loads questionnaire answers from a back end.JS-Files in static/ are compiled by the Closure Compiler and placed in
build/vsaq_binary.js.
Closure Templates are compiled by the Closure Template Compiler
and placed in build/templates/vsaq/static/questionnaire/templates.soy.js.
The /questionnaires directory and parts of the /static directories are
replicated in build/.
Changes to the JSON /questionnaires do not require redeployment of the
application code, and can be done on the server if required.