Bump xmlcalabash from 1.5.1-100 to 1.5.3-110 in /build #64
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
* Many fixes to the constraints in the OSCAL metaschemas to repair broken Metapaths. * fixing defects in metaschema constraints * Updating to latest Metaschema toolchain. Removed use of the "require" constraint. * updating readme with current links
…ts (usnistgov#1101) * Group scenarios and add edge case scenario * Group the scenarios that test o:glob-as-regex. * Add scenario for edge case where input is empty. * For selection, augment XSpec and update XSLT * Add XSpec tests for oscal-profile-resolve-select.xsl, mostly at the level of templates and functions. * Minor enhancements in oscal-profile-resolve-select.xsl: * Add support for with-parent-controls * Generate fatal error if resource cannot be fetched * Provide focused error message if resource has no suitable rlink * Handle missing matching pattern * Fix indentation * Fix scenario that intentionally omits pattern * Rename o:resource-or-warning as o:resource-or-error * Attributes, not elements, for "from" and "to" * Update expected value for 4a3cadf changes in catalog * The abc-full_catalog.xml file has changed, so the "Loose parameters" test scenario needs adjustment. * Reduce redundancy in expected metadata * metadata is copied verbatim, so no need to check details in multiple test scenarios for the match=profile template * Update verbiage to cross-reference with logged discussion pages
For consistency with select.xspec, use XSpec variable instead of entity for the path to the profile resolution examples.
random-util.xsl provides r:make-uuid and r:make-uuid-sequence for creating one or more random UUIDs. The r:make-random-string-sequence function supports more flexible random patterns. Implementations here use the XPath function, random-number-generator. random-util.xspec provides template- and function-level tests for code in random-util.xsl.
Implementing an idea from @wendellpiez: Instead of iterating over a numeric sequence that represents the position of each character in a long string, iterate over the sequence of characters. This change is in the implementation only, not in the function output. I used ad hoc modifications of the label="seq-length=10000" scenario in the XSpec test to check that the original and modified functions produce the same UUID sequence.
…istgov#1175) - Metadata tests and way of determining top UUID - Remove global parameter assign-uuid (note backward incompatibility - is it OK?) - Instead, support global parameters uuid-method and top-uuid, in uuid-method-choice.xsl - Support global parameter hide-source-profile-uri - Stub of opr:oscal-version function - Stub of message handler template, using xsl:message for now - Add XSpec tests - Add table of parameters and clarify testing folder content - Change "home" from global param to global variable; does not need to be set from outside
XSLT - Move some code from oscal-profile-resolve-select.xsl to new file, select-or-custom-merge.xsl, and share it between Selection phase and Merge phase. - Add error checking for multiple structuring directives. - Finish the incomplete support for `insert-controls/@order`. - Fix bug in support for `@with-parent-controls` in Selection phase. XSpec - In select.xspec, add test for order of controls matching imported document, not profile document. Also, add test for `@with-parent-controls` bug fix. - Create merge-combine.xspec for testing combine-elements and mode="o:combine-elements" templates. - Organize tests among merge.xspec, merge-combine.xspec, merge-as-is.xspec, and merge-custom.xspec. - Integrate back-matter testing into template-level tests in merge.xspec and merge-as-is.xspec, and delete merge-back-matter.xspec.
* Added mapping model supporting mapping controls and control statements between two catalogs. * Adjusted relationships based on PR usnistgov#1150 discussions. Added type enumerations. * Included a simple example
Adding the mapping model to the metaschema CI build.
Bumps [ajv-cli](https://github.com/ajv-validator/ajv-cli) from 4.2.0 to 5.0.0. - [Release notes](https://github.com/ajv-validator/ajv-cli/releases) - [Commits](ajv-validator/ajv-cli@v4.2.0...v5.0.0) --- updated-dependencies: - dependency-name: ajv-cli dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [peter-evans/create-issue-from-file](https://github.com/peter-evans/create-issue-from-file) from 3.0.0 to 4. - [Release notes](https://github.com/peter-evans/create-issue-from-file/releases) - [Commits](peter-evans/create-issue-from-file@97e6f90...99b87c3) --- updated-dependencies: - dependency-name: peter-evans/create-issue-from-file dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@v2...v3) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2 to 3. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v2...v3) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…tgov#1357) Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 4.9.2 to 4.14.1. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](stefanzweifel/git-auto-commit-action@be7095c...49620cd) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…tgov#1358) Bumps [github.com/gohugoio/hugo](https://github.com/gohugoio/hugo) from 0.83.1 to 0.101.0. - [Release notes](https://github.com/gohugoio/hugo/releases) - [Changelog](https://github.com/gohugoio/hugo/blob/master/goreleaser.yml) - [Commits](gohugoio/hugo@v0.83.1...v0.101.0) --- updated-dependencies: - dependency-name: github.com/gohugoio/hugo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps Saxon-HE from 10.6 to 10.8. --- updated-dependencies: - dependency-name: net.sf.saxon:Saxon-HE dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.4.0 to 3.4.1. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@5b949b5...2fddd88) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [xmlcalabash](https://github.com/ndw/xmlcalabash1) from 1.2.5-100 to 1.4.1-100. - [Release notes](https://github.com/ndw/xmlcalabash1/releases) - [Commits](ndw/xmlcalabash1@1.2.5-100...1.4.1-100) --- updated-dependencies: - dependency-name: com.xmlcalabash:xmlcalabash dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…gov#1361) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Add mapping model to docs collection.
…s and profiles (usnistgov#1380) Addresses usnistgov#1312
* Revised text to address ambiguity around handling `oscal-version` in the generated catalog target based on the versions provided in the imports and source profile. Resolves usnistgov#1272. * Adding swap space to resolve memory issue with Hugo build
…gov#1381) * Profile Resolution spec: updated names of 'remove' directives * Resolves usnistgov#1246. Also repairs a few errors in surrounding copy. * Adding swap space to address Hugo memory exhaustion. Co-authored-by: David Waltermire <david.waltermire@nist.gov>
…#1460) * Support additional control-origination props usnistgov#784 * Update recommended path to target additional nodes. Co-authored-by: David Waltermire <david.waltermire@nist.gov>
* Add related finding assembly. usnistgov#1120 * Add finding assembly to support related-findings, also moved finding to assessment common from assessment result metaschema. * Accept suggestion to revise description. Co-authored-by: Alexander Stein <alexander.stein@nist.gov>
…anch (usnistgov#1518) * Fix documentation relative paths in Metaschema Recently added links in documentation refer to href="/OSCAL" and not href="https://pages.nist.gov/OSCAL" in error or to simplify link gen and lookup. Now that we are remapping the full URLs to local paths and offsets for link-checking, we want these to be consistent across the board in Metaschema after usnistgov#1263. * Pushing generated website pages manual override [ci skip]. * Restore rel paths for develop branch ref model docs and fix link checks. * Test full URLs per @dave-waltermire-nist's PR feedback.
…gov#1361) (usnistgov#1517) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…gov#1361) (usnistgov#1514) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…gov#1361) (usnistgov#1519) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…gov#1361) (usnistgov#1515) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…gov#1361) (usnistgov#1516) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…gov#1361) (usnistgov#1533) Bumps golang from 1.18.3-bullseye to 1.18.4-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…snistgov#1513) Profile checker Schematron queryBinding from xslt3->xslt2. We need to do this in the interim or we will need to significantly change or upgrade the CI/CD Schematron checker from current Schematron/schematron skeleton to SchXslt or equivalent. The former is mothballed and there was no addition of XSLT3 support. Potentially investigate further. Team discussion: https://gitter.im/usnistgov-OSCAL/xslt-etc?at=634dc527dcbf067fdc9c47cd Schematron issue: Schematron/schematron#20 SchXslt docs on XSLT 3.0 support: https://github.com/schxslt/schxslt/blob/62f1141613c9d4c02d8de86713bb3f3b29d6cf1c/README.md#additional-xslt-elements
Bumps [peaceiris/actions-gh-pages](https://github.com/peaceiris/actions-gh-pages) from 3.8.0 to 3.9.0. - [Release notes](https://github.com/peaceiris/actions-gh-pages/releases) - [Changelog](https://github.com/peaceiris/actions-gh-pages/blob/main/CHANGELOG.md) - [Commits](peaceiris/actions-gh-pages@068dc23...de7ea6f) --- updated-dependencies: - dependency-name: peaceiris/actions-gh-pages dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@3cea537...83fd05a) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…stgov#1535) Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 4.15.1 to 4.15.3. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](stefanzweifel/git-auto-commit-action@fd157da...0049e3f) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Add possible Schematron documentation checks This is the product of the meeting and spike where we pair-programmed and came up with example Schematron rules for tentative editorial standards that can be used for reviews of models and embedded docs as part of usnistgov#801. Co-authored-by: Chris Compton <chris.compton@nist.gov> Co-authored-by: Rene Rene Tshiteya <rene-claude.tshiteya@gsa.gov> Co-authored-by: Wendell Piez <wendell.piez@nist.gov> Add CI/CD checking of Schematron doc standards checking. Always zip and upload Schematron validation results for potential debug. * After, show the Schematron checks passing after Metaschema def fixes. * Revert validate-metaschema.sh changes. * Revert refactored Schematron and remove from PR. * Update metaschema module to include updated Schematron in usnistgov/metaschema#246. Co-authored-by: David Waltermire <david.waltermire@nist.gov>
Defined a constraint to validate the allowed characters for a fragment. Resolves usnistgov#756.
…gov#1538) Bumps golang from 1.19.2-bullseye to 1.19.3-bullseye. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ed-by relation in links usnistgov#1022 (usnistgov#1452) * Adds a constraint and index of by-component objects to support provided-by relation in links usnistgov#1022 * Fix path in by-component-export-provided-uuid index to include statement level.
Bumps [xmlcalabash](https://github.com/ndw/xmlcalabash1) from 1.5.1-100 to 1.5.3-110. - [Release notes](https://github.com/ndw/xmlcalabash1/releases) - [Commits](ndw/xmlcalabash1@1.5.1-100...1.5.3-110) --- updated-dependencies: - dependency-name: com.xmlcalabash:xmlcalabash dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
|
Looks like com.xmlcalabash:xmlcalabash is up-to-date now, so this is no longer needed. |
dependabot
bot
deleted the
dependabot/maven/build/develop/com.xmlcalabash-xmlcalabash-1.5.3-110
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps xmlcalabash from 1.5.1-100 to 1.5.3-110.
Release notes
Sourced from xmlcalabash's releases.
Commits
21f206bBump versionbffa7bdDo not put the xml namespace in a NamespaceMap626d767Fix some dependenciesd8f582cBump versionb177bc7Fix NPE on comments271d603Bump version to 1.5.1cd28e42Fix JavaDoc markupf098c9dAttempt to make a 1.5.0-110 release66eaaa0Fix bug #336 by correcting typo in error message7f136dfClean up importsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)