Releases: oscal-compass/compliance-trestle
v3.5.0
v3.5.0 (2024-10-23)
Build
- build(deps): bump python-semantic-release/upload-to-gh-release (#1717)
Bumps python-semantic-release/upload-to-gh-release from 9.8.8 to 9.8.9.
updated-dependencies:
- dependency-name: python-semantic-release/upload-to-gh-release
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (5e15a03)
- build(deps): bump python-semantic-release/upload-to-gh-release (#1683)
Bumps python-semantic-release/upload-to-gh-release from 9.8.0 to 9.8.8.
updated-dependencies:
- dependency-name: python-semantic-release/upload-to-gh-release
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chris Butler <chris.butler@redhat.com>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (01332d3)
- build(deps): Bump python-semantic-release/python-semantic-release (#1682)
Bumps python-semantic-release/python-semantic-release from 9.8.0 to 9.8.8.
updated-dependencies:
- dependency-name: python-semantic-release/python-semantic-release
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chris Butler <chris.butler@redhat.com>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (56b019c)
- build(deps): bump artifact actions from 2 to 4 (#1679)
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (2e81958)
Chore
-
chore: adds initial triaging process and stale issue handling (#1712)
-
chore: adds triaging process and stale workflow
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- docs: fix working in ROADMAP around stale issues
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- fix: fixes md formatting
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- chore: reword ROADMAP.md section on stale issues
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- fix: fixes markdown formatting
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (0350791)
- chore: add html validation to build process (#1659)
Adds link validation to all links within the documentation (810f4e7)
- chore: Merge back version tags and changelog into develop. (
dfe8929)
Ci
-
ci: updates GH credential strategy in the python-push.yml (#1726)
-
ci: updates python-push.yml to use a GitHub app for commit work
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- fix: removes extra ">" character
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (c69511a)
Documentation
- docs: update the compliance-trestle-fedramp plugin usage (#1517)
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (e3aeb95)
Feature
-
feat(author-jinja): load jinja extensions from plugins (#1710)
-
Implement new helpers as jinja filters loaded via an extension
Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>
- auto-load plugins with jinja extensions
Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>
- Refactor jinja organization for ease of reuse
Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>
- Document plugins including jinja extensions
Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>
- Rename first_array_entry filter for clarity
fix some other random typos
Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>
- Update api docs
Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>
- Add docs for new built-in jinja filters
Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>
- Correct the copyright line for new files
Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>
- Remove inherited dangling comment
Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>
Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov> (f7b63ad)
Fix
- fix(build): installs required build dependencies during semantic release build (#1736)
Semantic release is running in a container that does
not have access to the dependencies installed in make develop step
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (4dbdf7d)
-
fix: support rule overlap for checks and target components (#1730)
-
fix: support rule overlap for checks and target components
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- Fix type specification
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- Fix typing, second try.
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- remove extraneous logging statement
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (11ab516)
-
fix(refactor): clean up timezone deprecations (#1722)
-
fix(refactor): remove deprecated datetime functionality
Signed-off-by: Chris Butler <chris.butler@redhat.com>
Signed-off-by: Chris Butler <chris.butler@redhat.com> (7b8b353)
-
fix: add testing policy to contributing.md (#1697)
-
add testing policy to contributing.md
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- Add sonar cloud info.
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (8744cee)
-
fix(markdown): writes component data for markdown without rules (#1695)
-
test: adds failing test to confirm component definition bug
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- feat: adds implemented requirement and statement description information
The comp_dict is populated with the information from the OSCAL JSON
and logic on when to write parts left to the ControlWriter.
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- fix: assemble component responses with and without rules
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- fix: updates control_rules logic to fix test failure
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- feat: centralizes logic for component inclusion in control writer
To ensure parts are written out for component definitions without
rules in a way that is not too verbose, parts will only be included
if they have rules attached or non-empty prose.
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- fix: updates formatting to make tests pass
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- docs: updates docs to reflect component authoring behavior
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (25dbc7a)
- fix(docs): add cookie consent popup (#1690)
Sign...
v3.4.0
v3.4.0 (2024-08-23)
Chore
- chore: Merge back version tags and changelog into develop. (
724ac16)
Documentation
- docs: update maintainers list to reflect active maintainers (#1638)
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Co-authored-by: mrgadgil <49280244+mrgadgil@users.noreply.github.com> (f8daaae)
- docs: updates CODE_OF_CONDUCT urls in README and website (#1635)
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (08f387a)
-
docs: adds ROADMAP.md with high level roadmap description (#1626)
-
docs: adds ROADMAP.md with high level roadmap description
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- chore: refines working in ROADMAP.md for clarity
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- docs: updates ROADMAP.md with timeline information
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- docs: rewords section on iterations
Adds more clarity around what takes place in
the 12-week period. No changes to the overall plan.
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (ed10dad)
Feature
- feat: add parameter aggregation support for SSP (#1668)
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com> (b2611d1)
- feat: adds dependabot configuration for continous updates (#1647)
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (4862c4a)
-
feat: adds implementation parts to This System component in markdown (#1536)
-
feat: adds implementation part prompts for This System
Changes in assembly are due to changes in the markdown breaking the unit tests
because the This System component is associated with each statement
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- fix: removes this system comp prose and status duplication
The process_main_component was overwriting the first prose
response to all the parts
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- chore: removes TODO comment for bug review
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- chore: updates workding in comments in control_writer.py
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- chore: moves part_a_text_edited into applicable unit tests
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- refactor: add include-all-parts to make part responses optional
To ensure the default markdown is not overly verbose, writing all
implementation parts and the inclusion of This System is optional.
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- docs: updates documentation with include-all-parts description
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- chore: updates comments and docstring in control_writer.py updates
The goal is to increase the usefulness of the comments
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- fix: updates docstring in control_writer.py to improve clarity
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (54706af)
Fix
-
fix: cis benchmarks to catalog task, which mistakenly does not see all columns (#1657)
-
fix: allow sheet specification
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- fix: number of columns is too small by 1
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- Fix: examine all columns
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (6c2d3f3)
-
fix: skips sonar scans for dependabot updates (#1656)
-
fix: skips sonar scans for dependabot updates
Dependabot updates only include third party dependency updates
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- fix: updates workflow if statement formatting
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (050c425)
- fix: updates invalid dependabot configuation (#1650)
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (e27f0cd)
-
fix: correct logo redirection for PyPi page (#1644)
-
fix: correct logo redirection for PyPi page
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com>
- fix: change develop to main branch in the logo link
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com>
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com> (2c4899a)
-
fix: default value for optional string params should be None (#1621)
-
fix: default value for optional string params should be None
Signed-off-by: George Vauter <gvauter@redhat.com>
- pin setuptools to min version suppported by setuptools_scm
Signed-off-by: George Vauter <gvauter@redhat.com>
- fix: add include_all_parts to undo accidental deletion
Signed-off-by: George Vauter <gvauter@redhat.com>
Signed-off-by: George Vauter <gvauter@redhat.com> (f81f567)
- fix: allow forks to correctly run the pipelines (#1633)
A small set of cleanups to the pipelines.
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Chris Butler <chris.butler@redhat.com>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (af4e5a2)
Unknown
- Merge pull request #1670 from oscal-compass/develop
chore: Trestle release (2420d97)
- fix - make status and mitre column optional (#1649)
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (47e6936)
v3.3.0
v3.3.0 (2024-07-15)
Chore
- chore: Merge back version tags and changelog into develop. (
0c6e3d9)
Documentation
-
docs: re-phrasing code of conduct reference (#1620)
-
docs: re-phrasing code of conduct reference
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com>
- Update docs/mkdocs_code_of_conduct.md
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com>
- Update docs/mkdocs_code_of_conduct.md
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (7dabaee)
- docs: removes CODE_OF_CONDUCT.md (#1609)
Removes the code of conduct file to allow
inheritance from the organization level
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (7ba70c3)
Feature
-
feat: adds
x-trestle-add-propsto the YAML header in SSP markdown (#1534) -
feat: adds
x-trestle-add-propprocessing to CatalogReader for SSP
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- feat: adds ADD_PROP header to ssp in ControlWriter
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- docs: updates ssp authoring tutorial docs in website
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- fix: updates docstring on add-props test function
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
- docs: adds info on ssp props usage to ssp authoring tutorial
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (cf3e552)
Fix
-
fix: abstract python version in pipelines (#1612)
Signed-off-by: Chris Butler <chris.butler@redhat.com> (60b6452)
-
fix: correct vulnerabilities (#1611)
-
fix: correct vulns
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com>
- fix: add requests version
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com>
- fix: correct datamodel code gen dependency
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com>
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com> (a68439d)
-
fix: improve trestle v3 README important info (#1592)
-
fix: improve trestle v3 README important info
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- add OSCAL models upgrade development info
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- Make mdformat happy.
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- relocate OSCAL migration section to contributing markdown
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- revise development status
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- make mdformat happy
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (0d7bc20)
-
fix: use pydantic.v1 plugin for mypy (#1595)
-
fix: use pydantic.v1 plugin for mypy
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- add mypy testcase
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- format & lint
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- sanity check
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- explicitly specify mypy config file
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- add mypy.cfg
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- revise mypy.cfg
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (fdd3d34)
- fix: update the regex of template version to prevent invalid version format (#1594)
Signed-off-by: Ma1h01 <yihaomai@gmail.com> (031850f)
Refactor
-
refactor: update trestle documentation webpage's Demo section to be in sync with the demo repo (#1614)
-
refactor: remove obsolete ISM demo
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
- fix: fix the arc42 demo link
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
- refactor: extend and finish the Task examples section
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
Signed-off-by: Ma1h01 <yihaomai@gmail.com> (e5d510e)
- refactor: update the error message when set parameters have invalid values (#1581)
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
Co-authored-by: AleJo2995 <alejandro.leiva.palomo@ibm.com> (7ef4319)
Unknown
- Merge pull request #1616 from oscal-compass/develop
chore: Trestle release (11e1a06)
v3.2.0
v3.2.0 (2024-06-18)
Chore
- chore: Merge back version tags and changelog into develop. (
d72f1fd)
Documentation
- docs: updates README.md communication details (#1588)
Communication information is now centralized to
the community repo
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (a44312c)
Feature
-
feat: add risk properties support to csv-to-oscal-cd task (#1577)
-
feat: add risk properties support to csv-to-oscal-cd task
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
- fix: update the risk properties tests to mock the risk columns instead of creating a new csv file
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
Co-authored-by: AleJo2995 <alejandro.leiva.palomo@ibm.com> (dbe8e05)
Fix
- fix: correct old pyhton versions (#1572)
Signed-off-by: Alejandro Jose Leiva Palomo <alejandro.leiva.palomo@ibm.com> (d6ca166)
-
fix: handle NonNegativeIntegerDatatype and PositiveIntegerDatatype in gen_oscal (#1584)
-
fix: handle *IntegerDatatype during gen_oscal
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
- fix: test cases for NonNegative and Postive IntegerDatatypes
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (888c9eb)
-
fix: correct the argument for get_rule_key in csv_to_oscal_cd.py (#1578)
-
fix: correct the argument for get_rule_key in csv_to_oscal_cd.py
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
- test: correct comments and add another assert statement to test the existence of wrong key
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
Co-authored-by: AleJo2995 <alejandro.leiva.palomo@ibm.com> (774e3cf)
Unknown
- Merge pull request #1593 from oscal-compass/develop
chore: Trestle release (8e7c490)
v3.1.0
v3.1.0 (2024-06-12)
Chore
- chore: Merge back version tags and changelog into develop. (
3d54f07)
Feature
- feat: logo (#1575)
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (b33490a)
- feat: modify task csv_to_oscal_cd to allow any case for heading in csv file (#1573)
Signed-off-by: Ma1h01 <yihaomai@gmail.com>
Co-authored-by: AleJo2995 <alejandro.leiva.palomo@ibm.com> (677c7ea)
Fix
-
fix: correct semantic release behaviour (#1564)
-
fix: Update python-sem-ver
Signed-off-by: Chris Butler <chris.butler@redhat.com>
- fix: Update python semantic version to latest
Signed-off-by: Chris Butler <chris.butler@redhat.com>
- fix: Add uploading details
Signed-off-by: Chris Butler <chris.butler@redhat.com>
- fix: Add uploading details
Signed-off-by: Chris Butler <chris.butler@redhat.com>
- fix: clean up comments
Signed-off-by: Chris Butler <chris.butler@redhat.com>
Signed-off-by: Chris Butler <chris.butler@redhat.com>
Co-authored-by: AleJo2995 <alejandro.leiva.palomo@ibm.com> (064274d)
Unknown
- Merge pull request #1582 from oscal-compass/develop
chore: release (d068eb4)
v3.0.1
Fix
- Reverting last serm ver changes (
9df0703) - Revert sem release changelog and version (
01427df) - Correct sonar quality checks (#1568) (
7f93f86) - Updated README.md - breaking change (#1566) (
7397105) - Remove obsolete text, fix broken links, fix spelling (#1565) (
0955b4b) - BREAKING CHANGE (#1560) (
f714b12) - Zoom link (#1530) (
95ff6b7)
Feature
Breaking
- for new release (
7397105)
Documentation
v2.6.1
v2.6.0
Feature
Fix
v2.5.1
v2.5.0
Feature
- Add parameter value origin field to parameters (#1470) (
b86aa2b) - Allow use of OpenSCAP result files in task xccdf_result_to_oscal_ar (#1411) (
eeb715c) - Add inheritance view to ssp-generate and ssp-assemble (#1441) (
6cf498b)
Fix
- Correct empty values going in assembled profile (#1491) (
136b712) - Correct vulnerability (#1486) (
4610d24) - Move to new org (#1483) (
c456779) - Sonar (#1481) (
4e7e8fd) - Correct critical vulnerability (#1479) (
72b0f6f) - Link main readme to agile authoring setup repo (#1477) (
88c1606) - tests: Pins oscal-content references in tests the latest 1.0 commit (#1474) (
0dc7551)