Andy Mills
Andy Mills
## Description Initial POC for report command. Currently only reports controls from component definition. Outputs json by default but also supports yaml. Support the ability to create output file if...
# Initial Thought Create a Lula namespace for OSCAL props to extend OSCAL. First example is to create an identifier for partially implemented controls. Could be picked up by tools...
Adding the workflow to sign the artifacts. Still needs AWS access and GitHub Secrets setup.
SAST is enabled through the use of CodeQL. The vulnerability was triggered by a PR to the CODEOWNER file which is included in the exception but did not include any...
Create a "Best Practice" doc around creating the validations in OSCAL to be used per validation engine. Using [Pepr](https://github.com/defenseunicorns/pepr/tree/main/docs/060_best-practices) as a reference.
# What Need for outputting the data obtained from the OSCAL and validations to create high level reports and possible graphical high level representations. # How Taking something in theory...
Add some unit tests for the uuid command and tools command. Did not add for for lint. Need to wait for a new release of go-oscal and rework it after...
## Description This ssp generate document also has a digram in Miro that helps illustrate the depency graph. ! Due to the size of OSCAL Models including a Mermaid diagram...
### Is your feature request related to a problem? Please describe. Component Definitions can be built using a `catalog` or `profile` see [`component-definition`](https://pages.nist.gov/OSCAL-Reference/models/v1.1.2/component-definition/json-reference/#/component-definition/components/control-implementations/source) but the `lula generate component` command requires...
### Describe what should be investigated or refactored Update the `release-process.md` inside of docs to include a newer steps and frequency on how the Lula team releases versions. Newer steps/process...