Update dependency compliance-trestle to v3.12.3 #156
Open
red-hat-konflux-kflux-prd-rh02[bot] wants to merge 1 commit into
1e8475d to
550d1e8
Compare
Signed-off-by: red-hat-konflux-kflux-prd-rh02 <190377777+red-hat-konflux-kflux-prd-rh02[bot]@users.noreply.github.com>
550d1e8 to
d04cccb
Compare
This PR contains the following updates:
==3.8.1 → ==3.12.3
Release Notes
oscal-compass/compliance-trestle (compliance-trestle)
v3.12.3 (Compare Source)
v3.12.3 (2026-05-28)
This release is published under the Apache-2.0 License.
Bug Fixes
d52d24a)
Detailed Changes: v3.12.2...v3.12.3
v3.12.2 (Compare Source)
v3.12.2 (2026-05-21)
This release is published under the Apache-2.0 License.
Detailed Changes: v3.12.1...v3.12.2
v3.12.1 (Compare Source)
v3.12.1 (2026-05-11)
This release is published under the Apache-2.0 License.
Bug Fixes
Add cross-platform install docs and conventional-pr make target (#2202, 4444dc2)
Address PR review comments on multi-train release support (#2201, 47ecd1d)
Apply mdformat to maintenance_releases.md (#2201, 47ecd1d)
Convert negative security checks to positive allowlists (#2201, 47ecd1d)
Correct act install SHA to commit SHA (not tag object SHA) (#2201, 47ecd1d)
Pin act install to v0.2.87 and fix mdformat table padding (#2202, 4444dc2)
Pre-configure act image to avoid interactive prompt in CI (#2201, 47ecd1d)
Upgrade cryptography to 46.0.7 (SNYK-PYTHON-CRYPTOGRAPHY-15809188, SNYK-PYTHON-CRYPTOGRAPHY-15953315) (e14ffd0)
Continuous Integration
Add act-based local workflow testing (#2202, 4444dc2)
Add act-based local workflow testing and CI validation (#2202, 4444dc2)
Add multi-train release support for maintenance branches (#2201, 47ecd1d)
Add Snyk exception for paramiko cryptographic algorithm issue (#2218, b4c9d94)
Fix merge commit validation and document release environment setup (#2218, b4c9d94)
Detailed Changes: v3.12.0...v3.12.1
v3.12.0 (Compare Source)
Bug Fixes
Add missing optional fields to Parameter and Property constructors (#2049, c1bf661)
Ignore Snyk error for 60 days (#2065, 0a8ad53)
Latest pip-tools fails with pip 26.0 (#2079, 4fac1eb)
Lint errors (#2051, 67a50e2)
Mypy generic oscal control interface (#2049, c1bf661)
Resolve mypy type error in base_markdown_node.py (#2040, e7de1d3)
Resolve mypy type errors in generators, model_utils, and base_markdown_node (#2040, e7de1d3)
Resolve mypy type errors in generators.py (#2040, e7de1d3)
Resolve mypy type errors in model_utils.py (#2040, e7de1d3)
Serialize docs update (#2041, 0158df2)
Snyk flags error for orjson -> 60 days grace period (#2065, 0a8ad53)
Trivial update (#2065, 0a8ad53)
deps: Bump actions/cache from 4.3.0 to 5.0.2 (#2045, 05da505)
deps: Bump actions/cache from 4.3.0 to 5.0.3 (#2078, 593bb9d)
deps: Bump actions/checkout from 6.0.1 to 6.0.2 (#2071, 3f7bbc1)
deps: Bump actions/checkout from 6.0.1 to 6.0.2 (#2057, 8d5d3ee)
deps: Bump actions/download-artifact from 6.0.0 to 7.0.0 (#2046, 50e471f)
deps: Bump actions/setup-python from 6.1.0 to 6.2.0 (#2068, 1e2e7ea)
deps: Bump actions/setup-python from 6.1.0 to 6.2.0 (#2054, a1dbef4)
deps: Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#2043, 0e72606)
deps: Bump cryptography from 46.0.3 to 46.0.4 (#2069, fd40f56)
deps: Bump cryptography from 46.0.4 to 46.0.5 (#2082, dae460a)
deps: Bump github/codeql-action from 4.31.10 to 4.31.11 (#2056, 6d4bc0c)
deps: Bump github/codeql-action from 4.31.11 to 4.32.0 (#2070, dac5dc0)
deps: Bump github/codeql-action from 4.31.9 to 4.31.10 (#2044, 9e16579)
deps: Bump python-semantic-release/python-semantic-release (#2042, a147827)
Chores
Apply automated formatting to modified files (#2040, e7de1d3)
Progressively eliminate lint exceptions (Phase 1) (#2053, 0d7a953)
Progressively eliminate lint exceptions (Phase 2) (#2058, d4fd6cf)
Progressively eliminate lint exceptions (Phase 3) (#2059, e2de2dd)
Progressively eliminate lint exceptions (Phase 4) (#2060, cbecb5d)
Progressively eliminate lint exceptions (Phase 5) (#2067, c68a5b3)
Documentation
(#1984, 0bd3e28)
Features
Add a codegen test (#2041, 0158df2)
Pythons supported 3.10-3.13 (#2051, 67a50e2)
Update NIST 800-53 rev5 CSV/xlsx tasks and tests (#1984, 0bd3e28)
v3.11.0 (Compare Source)
Bug Fixes
Clean up bdist (#2005, f85944c)
Clean up dependency maps (#2005, f85944c)
Clear RuleParametersValidator state between validations (#2033, d6d4819)
Correct build caching (#2005, f85944c)
Ensure coverage files are generated (#2005, f85944c)
Extra safety on chdir tests (#2033, d6d4819)
Fixing flaky tests including bug on reuse of a validator instance (#2033, d6d4819)
Hatch coverage (#2005, f85944c)
Install mypy in binary distribution test (#2005, f85944c)
Move dmcg to dev dependencies (#2005, f85944c)
Move gitpython to dev dependencies (#2005, f85944c)
Move pre-commit (#2005, f85944c)
Pin dmcg version (#2005, f85944c)
Run utility scripts through hatch environment (#2005, f85944c)
deps: Bump actions/checkout from 6.0.0 to 6.0.1 (#2011, 5023fbc)
deps: Bump actions/create-github-app-token from 2.2.0 to 2.2.1 (#2006, 3fc61f4)
deps: Bump actions/stale from 10.1.0 to 10.1.1 (#2007, b7b908a)
deps: Bump cryptography from 45.0.7 to 46.0.3 (#1958, 4092387)
deps: Bump github/codeql-action from 4.31.5 to 4.31.7 (#2012, 309aba4)
deps: Bump sigstore/gh-action-sigstore-python from 3.1.0 to 3.2.0 (#2009, 6303780)
Chores
Add makefile utilities (#2005, f85944c)
Clean up mypy errors in pipeline.py and command_docs.py (#2030, 29bdb1a)
Correct Snyk configuration to reflect approvals (#2020, fad388c)
Correct type annotation (#2033, d6d4819)
Must have apt update to deal with stale images in gh (#2020, fad388c)
Stage corrections (#2005, f85944c)
Features
Migrate to hatch for build process (#2005, f85944c)
Transition to hatch (#2005, f85944c)
Refactoring
(#2005, f85944c)
v3.10.4 (Compare Source)
Bug Fixes
70a754a)
v3.10.3 (Compare Source)
Bug Fixes
db540da)
v3.10.2 (Compare Source)
Bug Fixes
ae5eed0)
v3.9.3 (Compare Source)
Bug Fixes
Changelog (#1945, 3bb09e0)
CHANGELOG.md semantic-versioning (#1945, 3bb09e0)
Cli.md not strictly json (#1947, 7c781d7)
Md format (#1947, 7c781d7)
Openssf scorecard report token-permissions 0 (#1935, f77beac)
Openssf scorecard report token-permissions 0/10 (#1935, f77beac)
Sonar complaints (#1947, 7c781d7)
Trestle_author.md yml-ish (#1947, 7c781d7)
Update README with link to end-to-end demo (#1947, 7c781d7)
Valid json (#1947, 7c781d7)
What is going on with mdformat? (#1947, 7c781d7)
deps: Bump actions/cache from 4.2.4 to 4.3.0 (#1943, 6e78c2a)
deps: Bump actions/create-github-app-token from 2.1.1 to 2.1.4 (#1937, 5aab873)
deps: Bump actions/setup-python from 5.6.0 to 6.0.0 (#1938, 7536c09)
deps: Bump actions/stale from 10.0.0 to 10.1.0 (#1952, 04c9423)
deps: Bump datamodel-code-generator[http] from 0.33.0 to 0.34.0 (#1942, 4fa737e)
deps: Bump datamodel-code-generator[http] from 0.34.0 to 0.35.0 (#1954, 906481f)
deps: Bump github/codeql-action from 3.30.1 to 3.30.5 (#1944, 68bc246)
deps: Bump github/codeql-action from 3.30.5 to 3.30.6 (#1950, b8e4d54)
deps: Bump github/codeql-action from 3.30.6 to 4.30.8 (#1955, c9269df)
deps: Bump github/codeql-action from 4.30.8 to 4.30.9 (#1957, 8e0ed3b)
deps: Bump ossf/scorecard-action from 2.4.2 to 2.4.3 (#1951, 84500bc)
deps: Bump python-semantic-release/python-semantic-release (#1939, ee4a006)
v3.9.2 (Compare Source)
Note: this entry added manually due to python-semantic-version upgrade issue
Bug Fixes
Add comment (#1756, 929ee37)
Add newline to workflow file (#1878, 82bc3bb)
Bad part name/id when generate/assemble markdown (#1928, 428d880)
Do not continue on error in Snyk scan job (#1878, 82bc3bb)
Removes unnecessary line (#1878, 82bc3bb)
Unit test execution in PyCharm (#1756, 929ee37)
Unit test execution in PyCharm (#1755) (#1756, 929ee37)
Update new tests for cwd (#1756, 929ee37)
deps: Bump actions/cache from 4.2.3 to 4.2.4 (#1930, 719eb72)
deps: Bump actions/cache from 4.2.3 to 4.2.4 (#1927, 4470d53)
deps: Bump actions/checkout from 4.2.2 to 5.0.0 (#1932, 3fb4ccc)
deps: Bump actions/checkout from 4.2.2 to 5.0.0 (#1923, 98bd38f)
deps: Bump actions/create-github-app-token from 1.12.0 to 2.1.1 (#1915, 7211962)
deps: Bump actions/download-artifact from 4.2.1 to 5.0.0 (#1911, 9acb8e9)
deps: Bump actions/stale from 9.1.0 to 10.0.0 (#1931, 2a048f2)
deps: Bump cryptography from 44.0.2 to 45.0.6 (#1910, 9cec58e)
deps: Bump cryptography from 45.0.6 to 45.0.7 (#1924, 2a09b91)
deps: Bump datamodel-code-generator[http] from 0.25.3 to 0.33.0 (#1918, b655f46)
deps: Bump github/codeql-action from 3.28.13 to 3.29.11 (#1916, 3950083)
deps: Bump github/codeql-action from 3.29.11 to 3.30.1 (#1933, 5a9e53d)
deps: Bump ossf/scorecard-action from 2.4.1 to 2.4.2 (#1925, 9d7c5ce)
deps: Bump paramiko from 3.5.0 to 4.0.0 (#1909, a9bfc17)
deps: Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 (#1929, adb68ef)
deps: Bump python-semantic-release/python-semantic-release (#1912, 94826da)
deps: Bump SonarSource/sonarcloud-github-action (#1926, 3d6eddb)
deps: Bump SonarSource/sonarcloud-github-action (#1884, 823bf68)
deps: Bump urllib3 from 1.26.19 to 2.5.0 (#1897, 2fe4fb6)
Chores
Add .synk file with pending license exceptions (#1878, 82bc3bb)
Add slash at the end of fedramp link (#1878, 82bc3bb)
Revert docs change (#1878, 82bc3bb)
Update .snyk to correct paramiko license (#1878, 82bc3bb)
Update .snyk to include pending exception (#1878, 82bc3bb)
Continuous Integration
Add snyk license scanning to PR CI workflow (#1878, 82bc3bb)
Documentation
Update FedRAMP doc templates link (#1878, 82bc3bb)
v3.9.1 (Compare Source)
Build
Bumps actions/setup-python from 5.5.0 to 5.6.0.
updated-dependencies:
dependency-version: 5.6.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (c79f7bc)
Updates the requirements on cmarkgfm to permit the latest version.
updated-dependencies:
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (e1430c0)
Chore
03c5beb)
Ci
ci: updates for failing CI jobs (#1886)
docs: updates python-semantic-release link in guide
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (c96da54)
Documentation
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (df4091c)
Fix
The field is no longer supported. CODEOWNERS will be used.
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (ba41c68)
Fixes #1788
Signed-off-by: d10n <d10n@redhat.com>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (357f8ca)
fix: website documentation for using mike (#1817)
fix: website documentation for using mike
Signed-off-by: Chris Butler <chris.butler@redhat.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Chris Butler <chris.butler@redhat.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (9d9ff68)
Unknown
chore: Trestle release 3.9.1 (dc59ed5)
v3.9.0 (Compare Source)
Build
Bumps cryptography from 43.0.3 to 44.0.2.
updated-dependencies:
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (61c0b95)
Bumps actions/stale from 9.0.0 to 9.1.0.
updated-dependencies:
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (b7b5656)
Chore
c578be8)
Ci
ci: adds actionlint workflow (#1771)
ci: adds an actionlint workflow
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
The steps are commented and can be uncommented when changes
are to GitHub Actions workflows
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (95d5f71)
Documentation
docs: updates security insights location and content (#1840)
docs: updates security insights location and content
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com>
Signed-off-by: Jennifer Power <barnabei.jennifer@gmail.com> (87c4f80)
Feature
feat: move dependencies from setup.cfg to pyproject.toml (#1859)
feat: add content to pyproject.toml for parity with setup.cfg
Signed-off-by: George Vauter <gvauter@redhat.com>
Signed-off-by: George Vauter <gvauter@redhat.com>
Signed-off-by: George Vauter <gvauter@redhat.com>
Signed-off-by: George Vauter <gvauter@redhat.com>
Signed-off-by: George Vauter <gvauter@redhat.com> (2779edf)
Fix
Signed-off-by: thealberto <barbaro.alberto@gmail.com>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (7ec8006)
Signed-off-by: Lou DeGenaro <lou.degenaro@gmail.com> (b243c4a)
Unknown
chore: Trestle Release (ae6d100)
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: Jennifer Power <barnabei.jennifer@gmail.com> (5bdcd51)
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
To execute skipped test pipelines write comment /ok-to-test.
Documentation
Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.