Generate documentation for the Yivi scheme manager. You can browse a live version over here.
Dependencies:
- git (to clone the scheme managers)
- Python 3
- Jinja2 (Debian package:
python3-jinja2) - yarn
Before you run the script to generate Yivi index pages run the download_repos.py script. This downloalds
most recent version of the schemes. If new schemes are added, you can modify the config.json file to add them.
python3 download_repos.py
python3 generate-index.py
To generate the JavaScript handling issuance sessions of demo credentials, run:
yarn
yarn run build
To build and run the Docker container, you can use docker compose:
docker compose up
Currently, scheme managers are considered trusted. Generating an attribute index for an untrusted scheme manager has at least the following problems at the moment:
- URLs are not validated yet. They could start with
javascript:, leading to XSS. - XML parsers are by default often vulnerable to security problems like the "billion laughs" attack, which causes enormous amounts of RAM to be used by the script. This is likely the case for the update script as well.
So, before an attribute index can be generated from untrusted scheme managers, these problems (and possibly others) need to be fixed first.