compliance-trestle
An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
## Issue description / feature objectives This should be part of the broader discussion on the SDK for trestle. Trestle `tasks` API was designed for CLI based workflows to provide...
## Describe the bug Current authors information in PYPI states IBM is the author and lists @vikas-agarwal76's email ## To Reproduce Visit here: https://pypi.org/project/compliance-trestle/ ## Expected behavior - This should...
## Issue description / feature objectives - What groups need to approval - Do we need codeowners for approval? - Two approvers? - Which merge bot (tool) ## Caveats /...
## Issue description / feature objectives To support the `trestle` SDK user, create well-defined APIs so users can understand the SDK functionality what API signatures cannot be changed without breaking...
## Describe the bug When using `trestle author jinja` to create documents from an ssp/profile combination, any jinja tags within the OSCAL result in jinja errors. ## To Reproduce SSP...
## Issue description / feature objectives `trestle` currently supports the leveraged authorization use case for inheritance from one SSP to a leveraging SSP. This roadmap item captures a feature set...
## Issue description / feature objectives Add workflows that support using the OSCAL mapping model ## Caveats / Assumptions - Pending Mapping model [release](https://pages.nist.gov/OSCAL-Reference/models/prototype-mapping-model/mapping/) ## Completion Criteria This is a...
## Issue description / feature objectives Currently there are a number of pinned python dependencies. Fuzz the dependency versions to understand whether we can unpin some of the dependencies. This would provide...
## Issue description / feature objectives Update the trestle release process to assure that the below OpenSSF Best practice is complied with. ``` OpenSSF Best Practice: The release notes MUST...
## Types of changes - [ ] Hot fix (emergency fix and release) - [x] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change...