Skip to content

Releases: usnistgov/oscal-content

OSCAL Content 1.3.0 Release

13 Feb 23:59
Compare
Choose a tag to compare

Summary

The oscal-content v1.3.0 release is a minor release which fixes community-identified errors in the OSCAL representation of the NIST SP 800-53 Rev 5.1.1 catalog and provides additional OSCAL examples.

Key Take-aways for Ready Changes

The minor release provides:

  • prop/@name="label" with non-padded IDs for backwards compatibility in 800-53 catalog and prop/@name="label" with zero-padded IDs for all controls.
  • brings all existing OSCAL content to OSCAL 1.1.2
  • publishes the OSCAL content examples used during the workshop of the 4th OSCAL Conference (May, 2023).
  • updates the CI/CD pipeline to add additional validation with oscal-cli

Detailed Commit Log

Below is a detailed commit log generated by running the following command against the release branch:

git log origin/release-1.2.1..origin/release-1.3 --pretty=oneline --abbrev-commit

941c978 Publishing auto-converted artifacts [skip ci]
dbd2677 adjust makefile
cc62356 Update Makefile
d3f627a get latest oscal cli version
c17709d Update Makefile
7fc367b Update Makefile
f5869e3 install and validate oscal-cli in the make file
297a3dd Bump actions/upload-artifact from 4.3.0 to 4.3.1
0895563 Bump actions/upload-artifact from 3.1.3 to 4.3.0
f38e0f7 Bump actions/cache from 3.3.2 to 4.0.0
f0b990e updated metadata/OSCAL version to 1.1.2 and validated
c9a996b Update ifa_ssp-example.xml
9d0ee68 remove extra spaces
ca05d91 Update ifa_ssp-example.xml
bf0cdec change names
5dfd659 update file-names & oscal versions
341b28d add new content
f6d9319 Replacing the alt-idenfier props with zero-padded labels.
715faf5 corrected oscal version
397e692 Addressing SC-12 error - issue 72
562c2a0 Restore labels in the SP800-53 Rev 5.1.1 OSCAL catalog to their pre 1.2.1 version

OSCAL Content v1.2.1 Release

16 Dec 19:50
Compare
Choose a tag to compare

Summary

The oscal-content v1.2.1 release is a patch release which mainly fixes community-identified errors in the OSCAL representation of the NIST SP 800-53 Rev 5.1.1 catalog.

Key Take-aways for Ready Changes

The patch addresses bugs in 800-53 catalog (issues 224 226 227 for OSCAL content patch 1.2.1 (#228)
* addressed issue 226: error in IA-13(03)
* addresses issue 227 by removing extra related links in IA-13(01)(02)(03)
* addresses issue 229 by using consistent structure for the IA-13 ODP params
* updated metadata and backmatter to include a link to the CPRT SP800-53v5.1.1 resource
* addresses issue 224 by replacing labels with alt-identifies and adding leading zeros to accurately reflect the SP800-53 v5.1.1 release.
* updated root uuid, last-modified, revision history and back-matter.
* added leading zero to PM-7, PM-8 and PM-9 which were missing.
* fix the errors identified during the Schematron validation
* updated one more time the last modified and the uuid
* Updating Schematron rules in view of ongoing changes. (#230)
---------
Co-authored-by members of: oscal@nist.gov

Detailed Commit Log

b517381 Publishing auto-converted artifacts [skip ci]
6a8faec Merge release 1.2.1
e0a8319 Addresses bugs in 800-53 catalog (issues 224 226 227 for OSCAL content patch 1.2.1 (#228)
a1fead9 Adjust home repository to oscal-content
acc0d51 Feature 800 53 updates (#221)

OSCAL Content 1.2.0 Release

05 Dec 22:50
Compare
Choose a tag to compare

Summary

oscal-content 1.2.0 release is a minor release with minor enhancements to the NIST SP 800-53 catalog and alignment with the NIST SP 800-53 v5.1.1 CPRT release.

Key Take-aways for Ready Changes

Key take-away for this release are as follows:

Resolved profiles by adding and by aligning the catalog and the profiles with the NIST SP 800-53 v5.1.1 release.

  1. Enhances NIST SP 800-53 catalog with links added to the assessment objectives to link them with the control statements they belong to.
  2. Updated NIST SP 800-53 content to align with the NIST SP 800-53 v5.1.1 CPRT release.
  3. Updated profiles and resolved profiles to align with the NIST SP 800-53 v5.1.1 CPRT released data.

Appendix

Detailed Commit Log

Note for NIST developers: the output below is from executing the following command against the release branch (main) on a developer workstation: git log origin/release-1.0..origin/main --pretty=oneline --abbrev-commit.

1763607 (HEAD -> main, origin/release-1.2, origin/main, origin/HEAD, release-1.2) Publishing auto-converted artifacts [skip ci]
002431b Update GitHub Action HOME_REPO to point to oscal-content (#223)
da0e372 Feature 800 53 updates (#221) (#222)

OSCAL Content 1.1.0 Release

09 Nov 22:39
Compare
Choose a tag to compare

This content release aligns the OSCAL content in this repository with the OSCAL 1.1.1 release. The assets include OSCAL content examples and NIST SP800-53 rev 5.1 with the enhancements listed below.

This release of OSCAL content includes bug fixes and minor enhancements, including metadata and tagging reflecting richer control semantics, such as organizational vs system-level controls as indicated in SP800-53 Rev 5.1 Appendix C.

NOTE: The content in this release has been with the release and all content has an oscal-version of 1.1.1, it is still backwards compatible with older schemas unless otherwise noted. Review Architecture Decision Record 8 for more details.

OSCAL Content 1.0.0 Release

10 Jun 17:36
Compare
Choose a tag to compare

This content release aligns the OSCAL content in this repository with the OSCAL 1.0.0 release.

Given the MAJOR.MINOR.PATCH version "1.0.0":

  • The MAJOR.MINOR version "1.0" indicates that this content release is compatible with the OSCAL 1.0.x releases. See the OSCAL versioning for more information on how OSCAL is versioned.
  • The PATCH version "0" indicates that this release is the initial content release for the OSCAL "1.0.x".