Skip to content

v3.5.0

Compare
Choose a tag to compare
@oscal-compass-bot oscal-compass-bot released this 23 Oct 17:01
· 22 commits to develop since this release

v3.5.0 (2024-10-23)

Build

  • build(deps): bump python-semantic-release/upload-to-gh-release (#1717)

Bumps python-semantic-release/upload-to-gh-release from 9.8.8 to 9.8.9.


updated-dependencies:

  • dependency-name: python-semantic-release/upload-to-gh-release
    dependency-type: direct:production
    update-type: version-update:semver-patch
    ...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (5e15a03)

  • build(deps): bump python-semantic-release/upload-to-gh-release (#1683)

Bumps python-semantic-release/upload-to-gh-release from 9.8.0 to 9.8.8.


updated-dependencies:

  • dependency-name: python-semantic-release/upload-to-gh-release
    dependency-type: direct:production
    update-type: version-update:semver-patch
    ...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chris Butler <chris.butler@redhat.com>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (01332d3)

  • build(deps): Bump python-semantic-release/python-semantic-release (#1682)

Bumps python-semantic-release/python-semantic-release from 9.8.0 to 9.8.8.


updated-dependencies:

  • dependency-name: python-semantic-release/python-semantic-release
    dependency-type: direct:production
    update-type: version-update:semver-patch
    ...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chris Butler <chris.butler@redhat.com>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (56b019c)

  • build(deps): bump artifact actions from 2 to 4 (#1679)

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (2e81958)

Chore

  • chore: adds initial triaging process and stale issue handling (#1712)

  • chore: adds triaging process and stale workflow

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • docs: fix working in ROADMAP around stale issues

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • fix: fixes md formatting

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • chore: reword ROADMAP.md section on stale issues

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • fix: fixes markdown formatting

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>


Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (0350791)

  • chore: add html validation to build process (#1659)

Adds link validation to all links within the documentation (810f4e7)

  • chore: Merge back version tags and changelog into develop. (dfe8929)

Ci

  • ci: updates GH credential strategy in the python-push.yml (#1726)

  • ci: updates python-push.yml to use a GitHub app for commit work

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • fix: removes extra ">" character

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>


Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (c69511a)

Documentation

  • docs: update the compliance-trestle-fedramp plugin usage (#1517)

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (e3aeb95)

Feature

  • feat(author-jinja): load jinja extensions from plugins (#1710)

  • Implement new helpers as jinja filters loaded via an extension

Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>

  • auto-load plugins with jinja extensions

Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>

  • Refactor jinja organization for ease of reuse

Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>

  • Document plugins including jinja extensions

Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>

  • Rename first_array_entry filter for clarity

fix some other random typos

Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>

  • Update api docs

Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>

  • Add docs for new built-in jinja filters

Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>

  • Correct the copyright line for new files

Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>

  • Remove inherited dangling comment

Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov>


Signed-off-by: Ryan Ahearn <ryan.ahearn@gsa.gov> (f7b63ad)

Fix

  • fix(build): installs required build dependencies during semantic release build (#1736)

Semantic release is running in a container that does
not have access to the dependencies installed in make develop step

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (4dbdf7d)

  • fix: support rule overlap for checks and target components (#1730)

  • fix: support rule overlap for checks and target components

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • Fix type specification

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • Fix typing, second try.

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • remove extraneous logging statement

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>


Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (11ab516)

  • fix(refactor): clean up timezone deprecations (#1722)

  • fix(refactor): remove deprecated datetime functionality

Signed-off-by: Chris Butler <chris.butler@redhat.com>


Signed-off-by: Chris Butler <chris.butler@redhat.com> (7b8b353)

  • fix: add testing policy to contributing.md (#1697)

  • add testing policy to contributing.md

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • Add sonar cloud info.

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>


Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (8744cee)

  • fix(markdown): writes component data for markdown without rules (#1695)

  • test: adds failing test to confirm component definition bug

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • feat: adds implemented requirement and statement description information

The comp_dict is populated with the information from the OSCAL JSON
and logic on when to write parts left to the ControlWriter.

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • fix: assemble component responses with and without rules

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • fix: updates control_rules logic to fix test failure

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • feat: centralizes logic for component inclusion in control writer

To ensure parts are written out for component definitions without
rules in a way that is not too verbose, parts will only be included
if they have rules attached or non-empty prose.

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • fix: updates formatting to make tests pass

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>

  • docs: updates docs to reflect component authoring behavior

Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>


Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (25dbc7a)

  • fix(docs): add cookie consent popup (#1690)

Signed-off-by: Chris Butler <chris.butler@redhat.com> (e67f73c)

  • fix(docs): correct build status icon is displayed in docs (#1689)

Signed-off-by: Chris Butler <chris.butler@redhat.com> (5385092)

  • fix: add Python coding standards info (#1686)

  • Add Python coding standards info

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • correct english

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • address reviewer suggestion on PEP8 link location

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • Trestle updating and release logistics

Inspired by need to address OpenSSF requirement:

To enable collaborative review, the project's source repository MUST
include interim versions for review between releases; it MUST NOT
include only final releases.

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • Fix contributing copyright.

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • add semantic release & tags info

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>


Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (1fe8457)

  • fix: lf footer website guidelines (#1678)

  • LF footer website guidelines

https://github.com/cncf/foundation/blob/main/website-guidelines.md

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • make mdformat

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • Trestle created

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • fix maintainers link

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • <hr>

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • remove hr

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • fix maintainers reference

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • And license.

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • add cncf logo

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • fix trestle website too

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • restore maintainers.md

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>

  • remove Red Hat from footer, per Red Hat request

Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com>


Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (40b2880)

Unknown

  • Merge pull request #1737 from oscal-compass/develop

chore: Trestle release (7d3ee4c)

  • Merge pull request #1735 from oscal-compass/develop

chore: Trestle release (26b7734)

  • fix(profile-resolve):handle unspecified aggregate parameters (#1709)

Signed-off-by: Michael Davie <mldavie@amazon.com>
Co-authored-by: Alejandro Leiva <alejandro.leiva.palomo@ibm.com> (bc6f510)