Releases: oscal-compass/compliance-trestle
v3.5.0
v3.5.0 (2024-10-23)
Build
- build(deps): bump python-semantic-release/upload-to-gh-release (#1717)
Bumps python-semantic-release/upload-to-gh-release from 9.8.8 to 9.8.9.
updated-dependencies:
- dependency-name: python-semantic-release/upload-to-gh-release
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (5e15a03)
- build(deps): bump python-semantic-release/upload-to-gh-release (#1683)
Bumps python-semantic-release/upload-to-gh-release from 9.8.0 to 9.8.8.
updated-dependencies:
- dependency-name: python-semantic-release/upload-to-gh-release
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chris Butler <[email protected]>
Co-authored-by: Jennifer Power <[email protected]> (01332d3)
- build(deps): Bump python-semantic-release/python-semantic-release (#1682)
Bumps python-semantic-release/python-semantic-release from 9.8.0 to 9.8.8.
updated-dependencies:
- dependency-name: python-semantic-release/python-semantic-release
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chris Butler <[email protected]>
Co-authored-by: Jennifer Power <[email protected]> (56b019c)
- build(deps): bump artifact actions from 2 to 4 (#1679)
Signed-off-by: Jennifer Power <[email protected]> (2e81958)
Chore
-
chore: adds initial triaging process and stale issue handling (#1712)
-
chore: adds triaging process and stale workflow
Signed-off-by: Jennifer Power <[email protected]>
- docs: fix working in ROADMAP around stale issues
Signed-off-by: Jennifer Power <[email protected]>
- fix: fixes md formatting
Signed-off-by: Jennifer Power <[email protected]>
- chore: reword ROADMAP.md section on stale issues
Signed-off-by: Jennifer Power <[email protected]>
- fix: fixes markdown formatting
Signed-off-by: Jennifer Power <[email protected]>
Signed-off-by: Jennifer Power <[email protected]> (0350791)
- chore: add html validation to build process (#1659)
Adds link validation to all links within the documentation (810f4e7)
- chore: Merge back version tags and changelog into develop. (
dfe8929)
Ci
-
ci: updates GH credential strategy in the python-push.yml (#1726)
-
ci: updates python-push.yml to use a GitHub app for commit work
Signed-off-by: Jennifer Power <[email protected]>
- fix: removes extra ">" character
Signed-off-by: Jennifer Power <[email protected]>
Signed-off-by: Jennifer Power <[email protected]> (c69511a)
Documentation
- docs: update the compliance-trestle-fedramp plugin usage (#1517)
Signed-off-by: Jennifer Power <[email protected]> (e3aeb95)
Feature
-
feat(author-jinja): load jinja extensions from plugins (#1710)
-
Implement new helpers as jinja filters loaded via an extension
Signed-off-by: Ryan Ahearn <[email protected]>
- auto-load plugins with jinja extensions
Signed-off-by: Ryan Ahearn <[email protected]>
- Refactor jinja organization for ease of reuse
Signed-off-by: Ryan Ahearn <[email protected]>
- Document plugins including jinja extensions
Signed-off-by: Ryan Ahearn <[email protected]>
- Rename first_array_entry filter for clarity
fix some other random typos
Signed-off-by: Ryan Ahearn <[email protected]>
- Update api docs
Signed-off-by: Ryan Ahearn <[email protected]>
- Add docs for new built-in jinja filters
Signed-off-by: Ryan Ahearn <[email protected]>
- Correct the copyright line for new files
Signed-off-by: Ryan Ahearn <[email protected]>
- Remove inherited dangling comment
Signed-off-by: Ryan Ahearn <[email protected]>
Signed-off-by: Ryan Ahearn <[email protected]> (f7b63ad)
Fix
- fix(build): installs required build dependencies during semantic release build (#1736)
Semantic release is running in a container that does
not have access to the dependencies installed in make develop step
Signed-off-by: Jennifer Power <[email protected]> (4dbdf7d)
-
fix: support rule overlap for checks and target components (#1730)
-
fix: support rule overlap for checks and target components
Signed-off-by: Lou DeGenaro <[email protected]>
- Fix type specification
Signed-off-by: Lou DeGenaro <[email protected]>
- Fix typing, second try.
Signed-off-by: Lou DeGenaro <[email protected]>
- remove extraneous logging statement
Signed-off-by: Lou DeGenaro <[email protected]>
Signed-off-by: Lou DeGenaro <[email protected]> (11ab516)
-
fix(refactor): clean up timezone deprecations (#1722)
-
fix(refactor): remove deprecated datetime functionality
Signed-off-by: Chris Butler <[email protected]>
Signed-off-by: Chris Butler <[email protected]> (7b8b353)
-
fix: add testing policy to contributing.md (#1697)
-
add testing policy to contributing.md
Signed-off-by: Lou DeGenaro <[email protected]>
- Add sonar cloud info.
Signed-off-by: Lou DeGenaro <[email protected]>
Signed-off-by: Lou DeGenaro <[email protected]> (8744cee)
-
fix(markdown): writes component data for markdown without rules (#1695)
-
test: adds failing test to confirm component definition bug
Signed-off-by: Jennifer Power <[email protected]>
- feat: adds implemented requirement and statement description information
The comp_dict is populated with the information from the OSCAL JSON
and logic on when to write parts left to the ControlWriter.
Signed-off-by: Jennifer Power <[email protected]>
- fix: assemble component responses with and without rules
Signed-off-by: Jennifer Power <[email protected]>
- fix: updates control_rules logic to fix test failure
Signed-off-by: Jennifer Power <[email protected]>
- feat: centralizes logic for component inclusion in control writer
To ensure parts are written out for component definitions without
rules in a way that is not too verbose, parts will only be included
if they have rules attached or non-empty prose.
Signed-off-by: Jennifer Power <[email protected]>
- fix: updates formatting to make tests pass
Signed-off-by: Jennifer Power <[email protected]>
- docs: updates docs to reflect component authoring behavior
Signed-off-by: Jennifer Power <[email protected]>
Signed-off-by: Jennifer Power <[email protected]> (25dbc7a)
- fix(docs): add cookie consent popup (#1690)
Sign...
v3.4.0
v3.4.0 (2024-08-23)
Chore
- chore: Merge back version tags and changelog into develop. (
724ac16)
Documentation
- docs: update maintainers list to reflect active maintainers (#1638)
Signed-off-by: Jennifer Power <[email protected]>
Co-authored-by: mrgadgil <[email protected]> (f8daaae)
- docs: updates CODE_OF_CONDUCT urls in README and website (#1635)
Signed-off-by: Jennifer Power <[email protected]> (08f387a)
-
docs: adds ROADMAP.md with high level roadmap description (#1626)
-
docs: adds ROADMAP.md with high level roadmap description
Signed-off-by: Jennifer Power <[email protected]>
- chore: refines working in ROADMAP.md for clarity
Signed-off-by: Jennifer Power <[email protected]>
- docs: updates ROADMAP.md with timeline information
Signed-off-by: Jennifer Power <[email protected]>
- docs: rewords section on iterations
Adds more clarity around what takes place in
the 12-week period. No changes to the overall plan.
Signed-off-by: Jennifer Power <[email protected]>
Signed-off-by: Jennifer Power <[email protected]> (ed10dad)
Feature
- feat: add parameter aggregation support for SSP (#1668)
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]> (b2611d1)
- feat: adds dependabot configuration for continous updates (#1647)
Signed-off-by: Jennifer Power <[email protected]> (4862c4a)
-
feat: adds implementation parts to This System component in markdown (#1536)
-
feat: adds implementation part prompts for This System
Changes in assembly are due to changes in the markdown breaking the unit tests
because the This System component is associated with each statement
Signed-off-by: Jennifer Power <[email protected]>
- fix: removes this system comp prose and status duplication
The process_main_component was overwriting the first prose
response to all the parts
Signed-off-by: Jennifer Power <[email protected]>
- chore: removes TODO comment for bug review
Signed-off-by: Jennifer Power <[email protected]>
- chore: updates workding in comments in control_writer.py
Signed-off-by: Jennifer Power <[email protected]>
- chore: moves part_a_text_edited into applicable unit tests
Signed-off-by: Jennifer Power <[email protected]>
- refactor: add include-all-parts to make part responses optional
To ensure the default markdown is not overly verbose, writing all
implementation parts and the inclusion of This System is optional.
Signed-off-by: Jennifer Power <[email protected]>
- docs: updates documentation with include-all-parts description
Signed-off-by: Jennifer Power <[email protected]>
- chore: updates comments and docstring in control_writer.py updates
The goal is to increase the usefulness of the comments
Signed-off-by: Jennifer Power <[email protected]>
- fix: updates docstring in control_writer.py to improve clarity
Signed-off-by: Jennifer Power <[email protected]>
Signed-off-by: Jennifer Power <[email protected]> (54706af)
Fix
-
fix: cis benchmarks to catalog task, which mistakenly does not see all columns (#1657)
-
fix: allow sheet specification
Signed-off-by: Lou DeGenaro <[email protected]>
- fix: number of columns is too small by 1
Signed-off-by: Lou DeGenaro <[email protected]>
- Fix: examine all columns
Signed-off-by: Lou DeGenaro <[email protected]>
Signed-off-by: Lou DeGenaro <[email protected]> (6c2d3f3)
-
fix: skips sonar scans for dependabot updates (#1656)
-
fix: skips sonar scans for dependabot updates
Dependabot updates only include third party dependency updates
Signed-off-by: Jennifer Power <[email protected]>
- fix: updates workflow if statement formatting
Signed-off-by: Jennifer Power <[email protected]>
Signed-off-by: Jennifer Power <[email protected]> (050c425)
- fix: updates invalid dependabot configuation (#1650)
Signed-off-by: Jennifer Power <[email protected]> (e27f0cd)
-
fix: correct logo redirection for PyPi page (#1644)
-
fix: correct logo redirection for PyPi page
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]>
- fix: change develop to main branch in the logo link
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]>
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]> (2c4899a)
-
fix: default value for optional string params should be None (#1621)
-
fix: default value for optional string params should be None
Signed-off-by: George Vauter <[email protected]>
- pin setuptools to min version suppported by setuptools_scm
Signed-off-by: George Vauter <[email protected]>
- fix: add include_all_parts to undo accidental deletion
Signed-off-by: George Vauter <[email protected]>
Signed-off-by: George Vauter <[email protected]> (f81f567)
- fix: allow forks to correctly run the pipelines (#1633)
A small set of cleanups to the pipelines.
Signed-off-by: Jennifer Power <[email protected]>
Signed-off-by: Chris Butler <[email protected]>
Co-authored-by: Jennifer Power <[email protected]> (af4e5a2)
Unknown
- Merge pull request #1670 from oscal-compass/develop
chore: Trestle release (2420d97)
- fix - make status and mitre column optional (#1649)
Signed-off-by: Lou DeGenaro <[email protected]> (47e6936)
v3.3.0
v3.3.0 (2024-07-15)
Chore
- chore: Merge back version tags and changelog into develop. (
0c6e3d9)
Documentation
-
docs: re-phrasing code of conduct reference (#1620)
-
docs: re-phrasing code of conduct reference
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]>
- Update docs/mkdocs_code_of_conduct.md
Co-authored-by: Jennifer Power <[email protected]>
- Update docs/mkdocs_code_of_conduct.md
Co-authored-by: Jennifer Power <[email protected]>
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]>
Co-authored-by: Jennifer Power <[email protected]> (7dabaee)
- docs: removes CODE_OF_CONDUCT.md (#1609)
Removes the code of conduct file to allow
inheritance from the organization level
Signed-off-by: Jennifer Power <[email protected]> (7ba70c3)
Feature
-
feat: adds
x-trestle-add-propsto the YAML header in SSP markdown (#1534) -
feat: adds
x-trestle-add-propprocessing to CatalogReader for SSP
Signed-off-by: Jennifer Power <[email protected]>
- feat: adds ADD_PROP header to ssp in ControlWriter
Signed-off-by: Jennifer Power <[email protected]>
- docs: updates ssp authoring tutorial docs in website
Signed-off-by: Jennifer Power <[email protected]>
- fix: updates docstring on add-props test function
Signed-off-by: Jennifer Power <[email protected]>
- docs: adds info on ssp props usage to ssp authoring tutorial
Signed-off-by: Jennifer Power <[email protected]>
Signed-off-by: Jennifer Power <[email protected]> (cf3e552)
Fix
-
fix: abstract python version in pipelines (#1612)
Signed-off-by: Chris Butler <[email protected]> (60b6452)
-
fix: correct vulnerabilities (#1611)
-
fix: correct vulns
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]>
- fix: add requests version
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]>
- fix: correct datamodel code gen dependency
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]>
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]> (a68439d)
-
fix: improve trestle v3 README important info (#1592)
-
fix: improve trestle v3 README important info
Signed-off-by: Lou DeGenaro <[email protected]>
- add OSCAL models upgrade development info
Signed-off-by: Lou DeGenaro <[email protected]>
- Make mdformat happy.
Signed-off-by: Lou DeGenaro <[email protected]>
- relocate OSCAL migration section to contributing markdown
Signed-off-by: Lou DeGenaro <[email protected]>
- revise development status
Signed-off-by: Lou DeGenaro <[email protected]>
- make mdformat happy
Signed-off-by: Lou DeGenaro <[email protected]>
Signed-off-by: Lou DeGenaro <[email protected]> (0d7bc20)
-
fix: use pydantic.v1 plugin for mypy (#1595)
-
fix: use pydantic.v1 plugin for mypy
Signed-off-by: Lou DeGenaro <[email protected]>
- add mypy testcase
Signed-off-by: Lou DeGenaro <[email protected]>
- format & lint
Signed-off-by: Lou DeGenaro <[email protected]>
- sanity check
Signed-off-by: Lou DeGenaro <[email protected]>
- explicitly specify mypy config file
Signed-off-by: Lou DeGenaro <[email protected]>
- add mypy.cfg
Signed-off-by: Lou DeGenaro <[email protected]>
- revise mypy.cfg
Signed-off-by: Lou DeGenaro <[email protected]>
Signed-off-by: Lou DeGenaro <[email protected]> (fdd3d34)
- fix: update the regex of template version to prevent invalid version format (#1594)
Signed-off-by: Ma1h01 <[email protected]> (031850f)
Refactor
-
refactor: update trestle documentation webpage's Demo section to be in sync with the demo repo (#1614)
-
refactor: remove obsolete ISM demo
Signed-off-by: Ma1h01 <[email protected]>
- fix: fix the arc42 demo link
Signed-off-by: Ma1h01 <[email protected]>
- refactor: extend and finish the Task examples section
Signed-off-by: Ma1h01 <[email protected]>
Signed-off-by: Ma1h01 <[email protected]> (e5d510e)
- refactor: update the error message when set parameters have invalid values (#1581)
Signed-off-by: Ma1h01 <[email protected]>
Co-authored-by: AleJo2995 <[email protected]> (7ef4319)
Unknown
- Merge pull request #1616 from oscal-compass/develop
chore: Trestle release (11e1a06)
v3.2.0
v3.2.0 (2024-06-18)
Chore
- chore: Merge back version tags and changelog into develop. (
d72f1fd)
Documentation
- docs: updates README.md communication details (#1588)
Communication information is now centralized to
the community repo
Signed-off-by: Jennifer Power <[email protected]> (a44312c)
Feature
-
feat: add risk properties support to csv-to-oscal-cd task (#1577)
-
feat: add risk properties support to csv-to-oscal-cd task
Signed-off-by: Ma1h01 <[email protected]>
- fix: update the risk properties tests to mock the risk columns instead of creating a new csv file
Signed-off-by: Ma1h01 <[email protected]>
Signed-off-by: Ma1h01 <[email protected]>
Co-authored-by: AleJo2995 <[email protected]> (dbe8e05)
Fix
- fix: correct old pyhton versions (#1572)
Signed-off-by: Alejandro Jose Leiva Palomo <[email protected]> (d6ca166)
-
fix: handle NonNegativeIntegerDatatype and PositiveIntegerDatatype in gen_oscal (#1584)
-
fix: handle *IntegerDatatype during gen_oscal
Signed-off-by: Lou DeGenaro <[email protected]>
- fix: test cases for NonNegative and Postive IntegerDatatypes
Signed-off-by: Lou DeGenaro <[email protected]>
Signed-off-by: Lou DeGenaro <[email protected]> (888c9eb)
-
fix: correct the argument for get_rule_key in csv_to_oscal_cd.py (#1578)
-
fix: correct the argument for get_rule_key in csv_to_oscal_cd.py
Signed-off-by: Ma1h01 <[email protected]>
- test: correct comments and add another assert statement to test the existence of wrong key
Signed-off-by: Ma1h01 <[email protected]>
Signed-off-by: Ma1h01 <[email protected]>
Co-authored-by: AleJo2995 <[email protected]> (774e3cf)
Unknown
- Merge pull request #1593 from oscal-compass/develop
chore: Trestle release (8e7c490)
v3.1.0
v3.1.0 (2024-06-12)
Chore
- chore: Merge back version tags and changelog into develop. (
3d54f07)
Feature
- feat: logo (#1575)
Signed-off-by: Lou DeGenaro <[email protected]> (b33490a)
- feat: modify task csv_to_oscal_cd to allow any case for heading in csv file (#1573)
Signed-off-by: Ma1h01 <[email protected]>
Co-authored-by: AleJo2995 <[email protected]> (677c7ea)
Fix
-
fix: correct semantic release behaviour (#1564)
-
fix: Update python-sem-ver
Signed-off-by: Chris Butler <[email protected]>
- fix: Update python semantic version to latest
Signed-off-by: Chris Butler <[email protected]>
- fix: Add uploading details
Signed-off-by: Chris Butler <[email protected]>
- fix: Add uploading details
Signed-off-by: Chris Butler <[email protected]>
- fix: clean up comments
Signed-off-by: Chris Butler <[email protected]>
Signed-off-by: Chris Butler <[email protected]>
Co-authored-by: AleJo2995 <[email protected]> (064274d)
Unknown
- Merge pull request #1582 from oscal-compass/develop
chore: release (d068eb4)
v3.0.1
Fix
- Reverting last serm ver changes (
9df0703) - Revert sem release changelog and version (
01427df) - Correct sonar quality checks (#1568) (
7f93f86) - Updated README.md - breaking change (#1566) (
7397105) - Remove obsolete text, fix broken links, fix spelling (#1565) (
0955b4b) - BREAKING CHANGE (#1560) (
f714b12) - Zoom link (#1530) (
95ff6b7)
Feature
Breaking
- for new release (
7397105)
Documentation
v2.6.1
v2.6.0
Feature
Fix
v2.5.1
v2.5.0
Feature
- Add parameter value origin field to parameters (#1470) (
b86aa2b) - Allow use of OpenSCAP result files in task xccdf_result_to_oscal_ar (#1411) (
eeb715c) - Add inheritance view to ssp-generate and ssp-assemble (#1441) (
6cf498b)
Fix
- Correct empty values going in assembled profile (#1491) (
136b712) - Correct vulnerability (#1486) (
4610d24) - Move to new org (#1483) (
c456779) - Sonar (#1481) (
4e7e8fd) - Correct critical vulnerability (#1479) (
72b0f6f) - Link main readme to agile authoring setup repo (#1477) (
88c1606) - tests: Pins oscal-content references in tests the latest 1.0 commit (#1474) (
0dc7551)