Bump golang from 1.19.0-bullseye to 1.19.3-bullseye in /build #50

* Many fixes to the constraints in the OSCAL metaschemas to repair broken Metapaths. * fixing defects in metaschema constraints * Updating to latest Metaschema toolchain. Removed use of the "require" constraint. * updating readme with current links

…ts (usnistgov#1101) * Group scenarios and add edge case scenario * Group the scenarios that test o:glob-as-regex. * Add scenario for edge case where input is empty. * For selection, augment XSpec and update XSLT * Add XSpec tests for oscal-profile-resolve-select.xsl, mostly at the level of templates and functions. * Minor enhancements in oscal-profile-resolve-select.xsl: * Add support for with-parent-controls * Generate fatal error if resource cannot be fetched * Provide focused error message if resource has no suitable rlink * Handle missing matching pattern * Fix indentation * Fix scenario that intentionally omits pattern * Rename o:resource-or-warning as o:resource-or-error * Attributes, not elements, for "from" and "to" * Update expected value for 4a3cadf changes in catalog * The abc-full_catalog.xml file has changed, so the "Loose parameters" test scenario needs adjustment. * Reduce redundancy in expected metadata * metadata is copied verbatim, so no need to check details in multiple test scenarios for the match=profile template * Update verbiage to cross-reference with logged discussion pages

For consistency with select.xspec, use XSpec variable instead of entity for the path to the profile resolution examples.

random-util.xsl provides r:make-uuid and r:make-uuid-sequence for creating one or more random UUIDs. The r:make-random-string-sequence function supports more flexible random patterns. Implementations here use the XPath function, random-number-generator. random-util.xspec provides template- and function-level tests for code in random-util.xsl.

@wendellpiez

Implementing an idea from @wendellpiez: Instead of iterating over a numeric sequence that represents the position of each character in a long string, iterate over the sequence of characters. This change is in the implementation only, not in the function output. I used ad hoc modifications of the label="seq-length=10000" scenario in the XSpec test to check that the original and modified functions produce the same UUID sequence.

…istgov#1175) - Metadata tests and way of determining top UUID - Remove global parameter assign-uuid (note backward incompatibility - is it OK?) - Instead, support global parameters uuid-method and top-uuid, in uuid-method-choice.xsl - Support global parameter hide-source-profile-uri - Stub of opr:oscal-version function - Stub of message handler template, using xsl:message for now - Add XSpec tests - Add table of parameters and clarify testing folder content - Change "home" from global param to global variable; does not need to be set from outside

XSLT - Move some code from oscal-profile-resolve-select.xsl to new file, select-or-custom-merge.xsl, and share it between Selection phase and Merge phase. - Add error checking for multiple structuring directives. - Finish the incomplete support for `insert-controls/@order`. - Fix bug in support for `@with-parent-controls` in Selection phase. XSpec - In select.xspec, add test for order of controls matching imported document, not profile document. Also, add test for `@with-parent-controls` bug fix. - Create merge-combine.xspec for testing combine-elements and mode="o:combine-elements" templates. - Organize tests among merge.xspec, merge-combine.xspec, merge-as-is.xspec, and merge-custom.xspec. - Integrate back-matter testing into template-level tests in merge.xspec and merge-as-is.xspec, and delete merge-back-matter.xspec.

* Added mapping model supporting mapping controls and control statements between two catalogs. * Adjusted relationships based on PR usnistgov#1150 discussions. Added type enumerations. * Included a simple example

Adding the mapping model to the metaschema CI build.

Bumps [ajv-cli](https://github.com/ajv-validator/ajv-cli) from 4.2.0 to 5.0.0. - [Release notes](https://github.com/ajv-validator/ajv-cli/releases) - [Commits](ajv-validator/ajv-cli@v4.2.0...v5.0.0) --- updated-dependencies: - dependency-name: ajv-cli dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [peter-evans/create-issue-from-file](https://github.com/peter-evans/create-issue-from-file) from 3.0.0 to 4. - [Release notes](https://github.com/peter-evans/create-issue-from-file/releases) - [Commits](peter-evans/create-issue-from-file@97e6f90...99b87c3) --- updated-dependencies: - dependency-name: peter-evans/create-issue-from-file dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@v2...v3) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2 to 3. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v2...v3) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…tgov#1357) Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 4.9.2 to 4.14.1. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](stefanzweifel/git-auto-commit-action@be7095c...49620cd) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…tgov#1358) Bumps [github.com/gohugoio/hugo](https://github.com/gohugoio/hugo) from 0.83.1 to 0.101.0. - [Release notes](https://github.com/gohugoio/hugo/releases) - [Changelog](https://github.com/gohugoio/hugo/blob/master/goreleaser.yml) - [Commits](gohugoio/hugo@v0.83.1...v0.101.0) --- updated-dependencies: - dependency-name: github.com/gohugoio/hugo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps Saxon-HE from 10.6 to 10.8. --- updated-dependencies: - dependency-name: net.sf.saxon:Saxon-HE dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.4.0 to 3.4.1. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@5b949b5...2fddd88) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [xmlcalabash](https://github.com/ndw/xmlcalabash1) from 1.2.5-100 to 1.4.1-100. - [Release notes](https://github.com/ndw/xmlcalabash1/releases) - [Commits](ndw/xmlcalabash1@1.2.5-100...1.4.1-100) --- updated-dependencies: - dependency-name: com.xmlcalabash:xmlcalabash dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…gov#1361) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Add mapping model to docs collection.

…s and profiles (usnistgov#1380) Addresses usnistgov#1312

* Revised text to address ambiguity around handling `oscal-version` in the generated catalog target based on the versions provided in the imports and source profile. Resolves usnistgov#1272. * Adding swap space to resolve memory issue with Hugo build

…gov#1381) * Profile Resolution spec: updated names of 'remove' directives * Resolves usnistgov#1246. Also repairs a few errors in surrounding copy. * Adding swap space to address Hugo memory exhaustion. Co-authored-by: David Waltermire <[email protected]>

…1377) XSLT - Remove template that provides link to source, because metadata phase accomplished that - Add "[last()]" predicate when passing through elements that cannot appear twice - Align with schema by passing through revisions, document-id, location, and group/link but not control/annotation - Align with schema for param insertions, `<insert type="param" id-ref="...">` - Align with schema and spec for keeping items, `<prop name="keep" value="always">` XSpec - Add tests at the level of individual templates

If a back-matter resource has a keep instruction, the spec requirement "req-backmatter-keep" says not to replace the resource unless a later one also has a keep instruction.

Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 1.5.0 to 1.5.1. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](lycheeverse/lychee-action@76ab977...4a5af7c) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…gov#1402) Bumps golang from 1.18.4-bullseye to 1.19.0-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ov#1018 (usnistgov#1404)

* - Adjusted the profile metaschema to refactor the alter assemblies in a backwards-compatible way. - Enumerated the set of target item types for remove. - Fixed references to use current `by-` syntax. - Adjusted unit tests to support better add/remove testing. * Updated to latest metaschema development version * added default value `ending` for `add/@position`.

Bumps [actions/github-script](https://github.com/actions/github-script) from 6.1.0 to 6.1.1. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@7a5c598...d50f485) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…snistgov#1409)

…model. usnistgov#1291 (usnistgov#1417)

Bumps [actions/cache](https://github.com/actions/cache) from 3.0.5 to 3.0.8. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0865c47...fd5de65) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@b22fbbc...268d8c0) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…gov#1171) * Create`<define-assembly name="impact">` * Restored C/I/A formal names and descriptions. Resolves usnistgov#1129. Co-authored-by: David Waltermire <[email protected]>

Co-authored-by: David Waltermire <[email protected]> Signed-off-by: Alexander Stein <[email protected]>

…rrors.

* Update metaschema submodule for usnistgov#1454. * Update obsolete GCN FR OSCAL article link While working on usnistgov#1454, this link appears to have changed on the GCN news site, so we update. More info in failed build here. https://github.com/usnistgov/OSCAL/actions/runs/3054991503 Additionaly we formatted it back down to a conventional Markdown link. Previously it was an inline <a/> with data-proofer-ignore='yes' attribute and it was/is unclear why that was done. No conclusive evidence found with git blamen on a call with Dave. Be forewarned: if you found this commit to understand, you have likely gone too far.

…s discovered as part of usnistgov#1458. (usnistgov#1462)

…, party, and approval date. (usnistgov#1052) (usnistgov#1429) * Create actions assembly in OSCAL metadata model. * Address PR feedback to wrap up. usnistgov#1052 (review) usnistgov#1052 (comment) Co-authored-by: Al S <[email protected]>

The opr:oscal-version function meets the "req-meta-oscal-version" requirement from usnistgov#1386. The v:compare utility function helps opr:oscal-version meet the "req-meta-oscalversion-error" requirement.

@Rene2mt

…1263) * completed partial update of the Metadata object documentation. * adjustments to roles * adjusted the cardinality of location/address to make address optional. * Improved documentation and constraints related to location and parties * addressed the remainder of metadata and control feedback from @Rene2mt. * Improved the introductory remarks for a profile to better describe what a profile is and what it does. * Fixed a broken constraint that was not targeting the right node. * started refining descriptions and adding properties to describe identifier attributes. * Addressed feedback from AJ during 20220718-20220722. (#48) * Week 30 feedback on SSP model. (#49) * Proposed metaschema docs updates (#50) * Addressed feedback based on usnistgov#1392 * Adjustments based on model review feedback on 8/12. * Removed outdated merge phase remarks. Created issue #53 to address this. * Addressed A.J. Stein's Week 32 Feedback for Model Review (#52) * Addressed AJ Stein's week 32 feedback for usnistgov#1331. * Addressed DRAFT: Update catalog & profile metaschema documentation (#51) * Update catalog & profile metaschema documentation * Add props to control identifier * Fixed broken syntax and addressed consistency in wording within the Profile 'merge' construct. * Adjustments to alter, moving to to an inline definition * cleaned up empty remark. * Removed redundant constraints * removed some redundant constraints * Preliminary work on URI documentation to address usnistgov#1249. * More work on document URI use in OSCAL * Updating data types related to usnistgov/metaschema#224. * Improved consistency of how URI concepts are discussed. * Added note about party locations * Updated Metaschema instances of `uri` and `uri-reference` data types to indicate their URI semantics. Resolves usnistgov#1249. * Added identifier props to control layer metaschemas (#55) * Responding to usnistgov#1066: metaschema edits; CSS enhancement (#56) * Whitespace cleanup in metadata metaschema * Apply suggestions from code review Co-authored-by: Alexander Stein <[email protected]> Co-authored-by: Wendell Piez <[email protected]> Co-authored-by: Rene Tshiteya <[email protected]>

Most of the XSLT changes are to align with the latest specification. XSLT - Warn if set-parameter matches nothing - Handle more types of children of param - Make match="control" template handle both implicit and explicit binding - New oscal:patches-to-id-targeting-ancestor function for processing needed in multiple places - For explicit binding that adds a title, add it after original title to facilitate keeping the right one in finish phase - For removal by class, expect exact match with no tokenization or case insensitivity - In finish phase, keep only last title of a control XSpec - Add tests at the level of individual templates and functions

Bumps golang from 1.19.0-bullseye to 1.19.3-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump golang from 1.19.0-bullseye to 1.19.3-bullseye in /build #50

Bump golang from 1.19.0-bullseye to 1.19.3-bullseye in /build #50

Commits on Aug 23, 2022

Commits on Aug 25, 2022

Commits on Aug 31, 2022

Commits on Sep 9, 2022

Commits on Sep 19, 2022

Commits on Sep 20, 2022

Commits on Sep 26, 2022

Commits on Sep 27, 2022

Commits on Nov 2, 2022