Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NIST SP800-53 catalog with labels restored #238

Merged
merged 4 commits into from
Jan 31, 2024
Merged

NIST SP800-53 catalog with labels restored #238

merged 4 commits into from
Jan 31, 2024

Conversation

iMichaela
Copy link
Contributor

Committer Notes

The PR fixes #237 by restoring the prop/@name="label" for backwards compatibility with previous oscal versions of the catalog. Additionally, the PR fixes #72 by removing the self-reference error in SC-12 to align with the corrected CPRT data.

All Submissions:

  • Have you followed the guidelines in our Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?
  • Have you squashed any non-relevant commits and commit messages? [instructions]
  • Do all automated CI/CD checks pass?

Changes to Core Features:

  • Have you added an explanation of what your changes do and why you'd like us to include them?

Iorga added 2 commits January 18, 2024 22:44
@iMichaela iMichaela requested a review from a team January 19, 2024 04:58
@iMichaela
Copy link
Contributor Author

iMichaela commented Jan 22, 2024
edited
Loading

In the latest OSCAL version of the NIST SP 800-53 (v5.1.1+u4), each catalog has:
1.

<prop name="label" class="zero-padded" value="AC-02"/>

This was done to align with he CPRT data and promote zero-padded control IDs until v6 when we will be able to break the backwards compatibility and add those zero-padded IDs as OSCAL control IDs as well.

NOTE: This decision was made in collaboration with the community members and per @david-waltermire note that RMF team's lead is not prescriptive with respect the the accuracy of the zero-padded control IDs' representation as OSCAL IDs or as alternative identifiers. The dialog and community's input is available on OSCAL/Lobby

      <prop name="label" value="AC-2"/>

This was done to support the backwards compatibility for tools relying on the such labels fro generating human-friendly versions of the catalog.

@iMichaela
Copy link
Contributor Author

The PR is ready for community's review, in addition to NIST team's review.

This was linked to issues Jan 22, 2024
Erroneous self-reference on SC-12 #72
Closed
OSCAL NIST SP 800-53 rev 5.1.1 catalog with earlier version of the "prop/@name=label" system restored. #237
Closed
david-waltermire
david-waltermire approved these changes Jan 24, 2024
View reviewed changes
Copy link
Contributor

@david-waltermire david-waltermire left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR restores the non-zero-padded control labels, removing the alt-identifier properties. I reviewed a diff of the catalog and it looks good. Thank you.

wendellpiez
wendellpiez approved these changes Jan 24, 2024
View reviewed changes
Copy link
Contributor

@wendellpiez wendellpiez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM thank you

@iMichaela
Copy link
Contributor Author

[CALL TO ACTION]: The OSCAL content PR #238 updating the NIST SP 800-53 v5.1.1 is proposing restoring of the prop/@name="label" with no zero-leading control IDs and it is adding prop/@name="label" with zero-leading control IDs. NIST team greatly appreciates community members review and approval to ensure broad acceptance of the NIST SP 800-53 v3.1.1 catalog in OSCAL.

The PR will be merged at the end of the month if no comments/objections are received.

@iMichaela iMichaela added the CALL TO ACTION Calling on the community members to review and provide feedback label Jan 26, 2024
@iMichaela iMichaela merged commit a35e993 into develop Jan 31, 2024
1 check passed
@iMichaela iMichaela deleted the 237-catalog-labels-restore branch January 31, 2024 17:45
This was referenced Feb 2, 2024
Closed
Closed
@david-waltermire david-waltermire mentioned this pull request Feb 6, 2024
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@david-waltermire david-waltermire david-waltermire approved these changes

@wendellpiez wendellpiez wendellpiez approved these changes

Assignees
No one assigned
Labels
CALL TO ACTION Calling on the community members to review and provide feedback
Projects
None yet
Milestone
No milestone
3 participants
@iMichaela @wendellpiez @david-waltermire