Releases: CERTCC/Vultron
Vultron v2024.4.2
Minor dependency update release
What's Changed
- Add TLP note to EM implementation notes by @ahouseholder in #113
- Trigger linkchecker.yml and python-app.yml on changes to requirements.txt by @ahouseholder in #116
- Remove polyfill.io from mkdocs.yml by @ahouseholder in #134
- Update dependencies
Full Changelog: v2024.4.1...v2024.4.2
Vultron v2024.4.1
Documentation fixes & dependency updates
- External links open in new tabs
- Fixed a couple sidebar navigation bugs
What's Changed
- fix capitalization on SHOULD not -> SHOULD NOT by @ahouseholder in #105
- add {:target="_blank"} to external links by @ahouseholder in #106
- fix nav order for cs model by @ahouseholder in #107
- add calver adr by @ahouseholder in #108
- Add requirement.txt to watched files for python-app.yml by @ahouseholder in #111
- Bump mkdocs-autorefs from 0.5.0 to 1.0.1 by @dependabot in #110
- Bump the mkdocs group with 4 updates by @dependabot in #109
- Fix a link to CVD guide by @ahouseholder in #112
Full Changelog: v2024.4...v2024.4.1
Vultron v2024.4
Vultron v2024.4 adds a Measuring CVD and Other Uses Vultron content based on https://insights.sei.cmu.edu/library/a-state-based-model-for-multi-party-coordinated-vulnerability-disclosure-mpcvd/
- Measuring CVD
- Possible Histories
- Desirable Histories
- Random Walks
- Reasoning Over Histories
- Discriminating Skill from Luck
- Observing Skill
- Benchmarking CVD
- Benchmarking MPCVD
- Other Uses of Vultron
- Stakeholder Roles
- Defining Zero Days
- Policy Formalization
- Situation Awareness
- VEP
- CVD Action Rules
Also expanded Case State Model section to incorporate more from the State-Based Model paper.
Case State
- Vulnerability Lifecycle Events
- Introduction
- CS States
- CS Transitions
- CS Process Model
What's Changed
- Add coordination / disclosure diagrams by @ahouseholder in #85
- Add content from State paper by @ahouseholder in #102
Update dependencies
- Bump the mkdocs group with 2 updates by @dependabot in #83
- Bump the mkdocs group with 1 update by @dependabot in #84
- Bump tj-actions/changed-files from 42 to 43 by @dependabot in #87
- Bump the mkdocs group with 2 updates by @dependabot in #88
- Bump the mkdocs group with 2 updates by @dependabot in #89
- Bump the mkdocs group with 1 update by @dependabot in #92
- Bump tj-actions/changed-files from 43 to 44 by @dependabot in #91
- Bump actions/configure-pages from 4 to 5 by @dependabot in #90
- Bump the mkdocs group with 3 updates by @dependabot in #93
- Bump owlready2 from 0.45 to 0.46 in the ontology group by @dependabot in #94
- Bump DavidAnson/markdownlint-cli2-action from 15 to 16 by @dependabot in #97
- Bump networkx from 3.2.1 to 3.3 by @dependabot in #95
- Bump scipy from 1.12.0 to 1.13.0 by @dependabot in #96
- Bump markdown-exec from 1.8.0 to 1.8.1 by @dependabot in #100
- Bump mkdocs-print-site-plugin from 2.3.6 to 2.4.0 in the mkdocs group by @dependabot in #98
- Bump pandas from 2.2.1 to 2.2.2 by @dependabot in #99
Full Changelog: v2024.1.1...v2024.4
Vultron v2024.1.1 (v0.7.1)
What's Changed
-
Fix a bug where the static site build doesn't know what version it's on. by @ahouseholder in #72
-
Fix
$\LaTeX$ rendering by @ahouseholder in #74 -
Add Google Analytics for static site by @ahouseholder in #81
-
Catch up various dependencies
Full Changelog: v0.7...v0.7.1
Vultron v2024.1 (v0.7)
In this release, we focused on overlaying the Vultron Protocol onto the ActivityStreams Vocabulary.
Included in this release are:
- Python code implementing ActivityStreams (AS) objects and activities
- Web Ontology Language (OWL) ontologies mapping the Vultron Protocol onto the ActivityStreams Vocabulary (in Turtle syntax)
- A Vultron AS Python module that can generate ActivityStreams messages consistent with the Vultron Protocol in accordance with the OWL mapping.
- Documentation for all the above
- Minor improvements to existing documentation (e.g., add grid cards for navigation elements instead of unordered lists)
- Build environment improvements
- Dependency updates
Note that this release is focused on producing message formats, not on the handling of those messages on the receiving end. Processing of received messages is planned to be the subject of a future release.
What's Changed
- Cleanup by @ahouseholder in #39
- doc cleanup by @ahouseholder in #40
- Activitystreams vocabulary ADR by @ahouseholder in #41
- Minor python cleanup by @ahouseholder in #43
- Add Vultron ActivityStreams ontology by @ahouseholder in #44
- Add ActivityStreams process docs by @ahouseholder in #45
- Add Vultron ActivityStreams Python and docs by @ahouseholder in #46
- Housekeeping by @ahouseholder in #47
- Update COPYRIGHT.md by @ahouseholder in #48
- Fix doc links by @ahouseholder in #49
- Update dependabot.yml by @ahouseholder in #55
- Update deploy_site.yml by @ahouseholder in #62
- Update deploy_site.yml by @ahouseholder in #63
- Add Linkchecker workflow by @ahouseholder in #68
- Vultron ActivityStreams Examples: Python by @ahouseholder in #66
- Vultron ActivityStreams Examples: docs by @ahouseholder in #67
- Remove obsolete files by @ahouseholder in #69
Dependency Updates
Python
- Bump markdown-exec from 1.7.0 to 1.8.0 by @dependabot in #51
- Bump mkdocs-material from 9.4.14 to 9.5.2 by @dependabot in #34
- Bump mkdocs-material from 9.5.2 to 9.5.3 by @dependabot in #36
- Bump mkdocs-material from 9.5.3 to 9.5.4 by @dependabot in #52
- Bump mkdocs-material from 9.5.4 to 9.5.5 by @dependabot in #59
- Bump mkdocs-material from 9.5.5 to 9.5.6 by @dependabot in #64
- Bump mkdocstrings-python from 1.7.5 to 1.8.0 by @dependabot in #50
- Bump pandas from 2.1.3 to 2.1.4 by @dependabot in #35
- Bump pandas from 2.1.4 to 2.2.0 by @dependabot in #53
- Bump scipy from 1.11.4 to 1.12.0 by @dependabot in #54
Github Actions
- Bump DavidAnson/markdownlint-cli2-action from 13 to 15 by @dependabot in #58
- Bump actions/configure-pages from 3 to 4 by @dependabot in #60
- Bump actions/setup-python from 3 to 5 by @dependabot in #56
- Bump actions/upload-artifact from 3 to 4 by @dependabot in #57
- Bump actions/upload-pages-artifact from 2 to 3 by @dependabot in #61
- Bump tj-actions/changed-files from 40 to 41 in /.github/workflows by @dependabot in #37
- Bump tj-actions/changed-files from 41 to 42 by @dependabot in #65
Full Changelog: v0.6...v0.7
Vultron v2023.12 (v0.6)
In this release, we added the following new features
- Add
vultron.case_states
package to represent the Case State (hypercube) state machine. - Add
vultron.bt
package to model Vultron behaviors as behavior trees - Add
vultron.bt.base
package to provide a basic behavior tree implementation - Improve project automation (markdownlint, test and build workflow, CODEOWNERS etc.)
- Start using Any Decision Records to capture significant project decisions
- Update python dependencies
What's Changed
- add CODEOWNERS by @ahouseholder in #7
- Add case state python code, docs by @ahouseholder in #8
- Create python-app.yml by @ahouseholder in #9
- Update CONTRIBUTING.md by @ahouseholder in #10
- add mkdocs print-site plugin by @ahouseholder in #11
- reformat ack file by @ahouseholder in #12
- add ADR folder, exclude from site publication by @ahouseholder in #13
- Create dependabot.yml by @ahouseholder in #14
- Bump mkdocs-material-extensions from 1.1.1 to 1.3 by @dependabot in #15
- Create Markdown Lint actions by @ahouseholder in #17
- markdownlint -fix by @ahouseholder in #19
- limit python build & md lint runs to push/pr against relevant files by @ahouseholder in #20
- Add behavior tree code by @ahouseholder in #21
- Bump mkdocstrings-python from 1.7.3 to 1.7.4 by @dependabot in #22
- Bump mkdocstrings from 0.23.0 to 0.24.0 by @dependabot in #23
- Bump networkx from 3.2 to 3.2.1 by @dependabot in #24
- Bump mkdocs-include-markdown-plugin from 6.0.3 to 6.0.4 by @dependabot in #26
- Bump mkdocs-material from 9.4.6 to 9.4.14 by @dependabot in #27
- Bump mkdocs-material-extensions from 1.3 to 1.3.1 by @dependabot in #28
- Bump pandas from 2.1.1 to 2.1.3 by @dependabot in #29
- Bump scipy from 1.11.3 to 1.11.4 by @dependabot in #30
- Bump mkdocstrings-python from 1.7.4 to 1.7.5 by @dependabot in #31
- Markdownlint cli2 by @ahouseholder in #32
New Contributors
- @dependabot made their first contribution in #15
Full Changelog: v0.5...v0.6
Vultron v2023.9 (v0.5)
Initial website conversion from SEI Special Report: Designing Vultron: A Protocol for Multi-Party Coordinated Vulnerability Disclosure (MPCVD).
As we adapted the content from version v0.4.0 (found in the report linked above), there were a few small changes here and there to make the content fit the website presentation format better. There shouldn't be many significant differences between v0.4.0 and v0.5.0, but the format change seemed significant enough to warrant a minor version bump.