v1.0.3

Summary

oscal-cli 1.0.3 is a patch release with improvements and changes that are backwards compatible, specifically updating liboscal-java and metaschema-framework dependencies to make use of the OSCAL v1.1.2 models and the underlying use of the Metaschema Framework. This release also fixes a bug to properly reference embedded resource files in the release utility.

Changes: Key Take-aways

Key takeaways are below:

1. OSCAL model updates to v1.1.2
2. Correct local resource paths

Details

1. daf3ed3 Fix metaschema-java generated schema name and path for [#200](https://github.com/usnistgov/oscal-cli/issues

Appendix

Detailed Commit Log

Note for NIST developers: the output below is from executing the following command against the release branch (main) on a developer workstation: git log origin/main..origin/develop --pretty=oneline --abbrev-commit.

1. 3a3f16c Bump com.github.erosb:everit-json-schema from 1.14.3 to 1.14.4 (#243)
2. 1dfb3c0 Bump org.codehaus.mojo:license-maven-plugin from 2.3.0 to 2.4.0 (#244)
3. 727afa1 Bump org.fusesource.jansi:jansi from 2.4.0 to 2.4.1 (#229)
4. ed31bce Bump gov.nist.secauto:oss-parent from 26 to 27 (#230)
5. 42810c2 Bump org.codehaus.mojo:templating-maven-plugin from 1.0.0 to 3.0.0 (#231)
6. 53ca62f Bump com.google.auto.service:auto-service from 1.0.1 to 1.1.1 (#232)
7. 2a5ea20 Bump github/codeql-action from 2.22.8 to 3.23.2 (#240)
8. a8ff018 Bump net.sf.saxon:Saxon-HE from 12.3 to 12.4 (#225)
9. 51c89a7 Update xmlresolver 5.2.0-5.2.2 to fix pom linting for other deps (#228)
10. 4b6b205 Add CLI-level integration tests for common commands (#211)
11. a5cd2e7 Bump org.codehaus.mojo:license-maven-plugin from 2.0.0 to 2.3.0 (#219)
12. 28dd927 Bump actions/setup-java from 3.13.0 to 4.0.0 (#226)
13. adffc5a Bump github/codeql-action from 2.22.4 to 2.22.8 (#223)
14. 77ed1bd Bump commons-io:commons-io from 2.15.0 to 2.15.1 (#224)
15. eb48f1b Bump commons-io:commons-io from 2.14.0 to 2.15.0 (#215)
16. d3fbfc0 Bump io.github.git-commit-id:git-commit-id-maven-plugin (#213)
17. 8f270d8 Bump github/codeql-action from 2.22.3 to 2.22.4 (#212)
18. 9a173e1 Bump com.github.erosb:everit-json-schema from 1.14.2 to 1.14.3 (#208)
19. daf3ed3 Fix metaschema-java generated schema name and path for #200. (#201)
20. 1246d8c Bump github/codeql-action from 2.21.9 to 2.22.3 (#206)
21. 6b897bd Bump actions/checkout from 4.1.0 to 4.1.1 (#209)
22. e1aac00 Bump commons-io:commons-io from 2.13.0 to 2.14.0 (#199)
23. 86ae78f [maven-release-plugin] prepare for next development iteration

v1.0.2

Summary

oscal-cli 1.0.2 is a patch release with improvements and changes that are backwards compatible, specifically updating liboscal-java and metaschema-framework dependencies to make use of the OSCAL v1.1.1 models and the underlying use of the Metaschema Framework.

Changes: Key Take-aways

Key takeaways are below:

1. 13f4bf15 Update metaschema-framework and liboscal-java for v1.1.1 support.

Details

1. 13f4bf15 Update metaschema-framework and liboscal-java for v1.1.1 support.

Appendix

Detailed Commit Log

Note for NIST developers: the output below is from executing the following command against the release branch (main) on a developer workstation: git log origin/main..origin/develop --pretty=oneline --abbrev-commit.

1. 13f4bf15 Update metaschema-framework and liboscal-java for v1.1.1 support.
2. 24b3e413 Bump actions/checkout from 3.5.3 to 4.1.0 (#195)
3. 8899203e Bump github/codeql-action from 2.21.8 to 2.21.9 (#196)
4. 243fb42d Bump actions/setup-java from 3.12.0 to 3.13.0 (#194)
5. 75ef1e45 Bump github/codeql-action from 2.21.4 to 2.21.8 (#193)
6. 9aefbebf [maven-release-plugin] prepare for next development iteration

v1.0.1

Summary

oscal-cli 1.0.1 is a patch release with improvements and changes that are backwards compatible, specifically updating dependencies to fix issues with resources needed for schema-based validation commands.

Changes: Key Take-aways

Key takeaways are below:

1. Fixes for schema-based validation commands.

Details

1. d48958a Update metaschema-java from 0.12.0 to 0.12.1 (#174)
2. 96f10e7 Update resource paths to JSON and XML schemas (#177)

Appendix

Detailed Commit Log

Note for NIST developers: the output below is from executing the following command against the release branch (main) on a developer workstation: git log origin/main..origin/develop --pretty=oneline --abbrev-commit.

1. 8eb8c58 (tag: v3.0.1) [maven-release-plugin] prepare release v3.0.1
2. d48958a Update metaschema-java from 0.12.0 to 0.12.1 (#174)
3. e2499d9 Update GHA CI/CD checkout for version string (#173)
4. 1ce285a Bump github/codeql-action from 2.21.3 to 2.21.4 (#172)
5. 13db3f1 Bump github/codeql-action from 2.21.2 to 2.21.3 (#170)
6. c6e084c Fix build res path issue for #171.
7. f47aa8a [maven-release-plugin] prepare for next development iteration
8. 3a40408 (origin/develop) Update liboscal-java and metaschema-java (#181)
9. 178ed67 Update GHA CI/CD checkout for version string (#180)
10. 991d1ce Bump github/codeql-action from 2.21.3 to 2.21.4 (#179)
11. 96f10e7 Update resource paths to JSON and XML schemas (#177)
12. 3d513f2 Bump github/codeql-action from 2.21.2 to 2.21.3 (#175)
13. 17cb210 [maven-release-plugin] prepare for next development iteration

v1.0.0

Summary

oscal-cli 1.0.0 will be a major release with improvements and changes that are not backwards compatible, specifically removing the mapping collection subcommand.

Changes: Key Take-aways

Key takeaways for this release are below.

1. Update the CLI's support for OSCAL v1.1.0 data models.
2. Removing the obsolete mapping-collection subcommand.

Details

Below is a detailed list of all changes that will be promoted from develop to the 1.0.0 release branch.

1. 5d72533 Update liboscal-java dep to version 3.0.0 (#173)
2. cda2aee Remove mapping subcommand to align with 1.1.0 for #168. (#169)

Appendix

Detailed Commit Log

Note for NIST developers: the output below is from executing the following command against the release branch (main) on a developer workstation: git log origin/main..origin/develop --pretty=oneline --abbrev-commit.

1. 748cf6f Bump github/codeql-action from 2.21.1 to 2.21.2 (#171)
2. 5d72533 Update liboscal-java dep to version 3.0.0 (#173)
3. cda2aee Remove mapping subcommand to align with 1.1.0 for #168. (#169)
4. 8d17696 Bump github/codeql-action from 2.21.0 to 2.21.1 (#170)
5. d496442 Bump actions/setup-java from 3.11.0 to 3.12.0 (#167)
6. 83a29d5 Bump github/codeql-action from 2.20.3 to 2.21.0 (#165)
7. 65d3955 [maven-release-plugin] prepare for next development iteration

v0.3.4

Summary

oscal-cli 0.3.4 release will be a minor release with minor bug fixes and improvements. However, there are changes to how library imports work that are not backwards compatible.

Key Take-aways

This release will also update the liboscal-java 2.0.0 dependency once released. Important high-level changes are listed below.

1. Bug fixes for certain commands.
2. Bug fixes in arguments handling.
3. Include updates from latest liboscal-java 2.0.0 release

Details

1. Chore release prep 0.3.4 (#166)
2. Integrate metaschema java cli improvements (#163)
3. Add arg overwrite to resolve subcommand for #79. (#161)
4. Bump liboscal-java to 2.0.0-SNAPSHOT
5. Fix missing commits (#158)

v0.3.3

What's Changed

• Bump actions/checkout from 3.3.0 to 3.5.2 (#130)
• Bump extra-enforcer-rules from 1.6.1 to 1.6.2 (#123)
• Bump license-maven-plugin from 4.2.rc3 to 4.2 (#122)
• Bump spotbugs-annotations from 4.7.2 to 4.7.3 (#121)
• Bump actions/setup-java from 3.10.0 to 3.11.0 (#119)
• Bump Saxon-HE from 12.0 to 12.1 (#115)
• Bump github/codeql-action from 2.2.4 to 2.2.12 (#131)
• Bump everit-json-schema from 1.14.1 to 1.14.2 (#111)
• Fix bad class loaders for AR and POA&M in ConvertSubcommand (#108)
• Bump dependency.log4j2.version from 2.19.0 to 2.20.0 (#107)
• Bump github/codeql-action from 2.2.2 to 2.2.4 (#105)
• Add install and running instructions to README.md (#93)

Download

This release is on Maven Central.

Full Changelog: v0.3.2...v0.3.3

v0.3.2

What's Changed

• Test updating for 1.0.4.4/1.0.4.4-SNAPSHOT for usnistgov/liboscal-java#109. (#100)
• Bump actions/checkout from 3.1.0 to 3.3.0 (#90)
• Bump actions/upload-artifact from 3.1.1 to 3.1.2 (#91)
• Bump Saxon-HE from 11.4 to 12.0 (#94)
• Bump github/codeql-action from 2.1.29 to 2.2.2 (#101)
• Bump actions/setup-java from 3.6.0 to 3.10.0 (#103)

Download

This release is on Maven Central.

Full Changelog: v0.3.1...v0.3.2

v0.3.1

What's Changed

• Fix exception error reporting on console by @david-waltermire-nist in #68
  • The --show-stack-trace command line option can be used to show the stack trace for an internal error.
• Allow same format conversions by @david-waltermire-nist in #69
• Bump dependency.log4j2.version from 2.18.0 to 2.19.0 by @dependabot in #56
• Bump actions/checkout from 3.0.2 to 3.1.0 by @dependabot in #61
• Bump actions/setup-java from 3.5.0 to 3.6.0 by @dependabot in #63
• Bump actions/upload-artifact from 3.1.0 to 3.1.1 by @dependabot in #65
• Bump github/codeql-action from 2.1.22 to 2.1.29 by @dependabot in #66

Download

This release is on Maven Central.

Full Changelog: v0.3.0...v0.3.1

v0.3.0

What's Changed

• Added experimental support for the OSCAL mapping model, which is currently under development.
• Fixed CLI argument defects in the convert and schema generation sub-commands.
• Fixed a defect causing some errors to not be reported.
• Improved profile resolution (related to usnistgov/liboscal-java#85 and usnistgov/liboscal-java#69)
  • Improved the performance of profile resolution
  • Added support for property name="keep" in reference handing
  • Fixed reference handling for orphaned groups during flat structuring. Resolves usnistgov/liboscal-java#65.
• Fixed PMD, spotbugs, and compile errors/warnings.

Full Changelog: v0.2.0...v0.3.0

Download

This release is on Maven Central.

v0.2.0 Release

What's Changed

• Command improvements by @david-waltermire-nist in https://github.com/usnistgov/oscal-java/pull/37
  • Added support for the experimental OSCAL mapping-collection model. This model is currently under development for an OSCAL 1.1.0 release.
  • Adjusted exit code and message handling. Added support for a --show-stack-trace CLI option that will show the full stack trace for a handled error message.
  • Removed sub-commands that were not properly implemented on some model command paths. These commands were commented out in previous builds.
  • Improved error messages for some errors.
  • Added support for alter statements in profile resolution.
• Implemented Spotbugs static analysis to identify code errors and fixed identified errors.

Dependency Changes

• Bump github/codeql-action from 2.1.18 to 2.1.20 by @dependabot in #42
• Bump spotbugs-annotations from 4.2.0 to 4.7.1 by @dependabot in #39

Download

This release is on Maven Central.

Full Changelog: v0.1.1...v0.2.0