Releases: complytime/complyctl
Release list
v1.0.0-rc.0
Changelog
New Features
- b740bcf: feat: add Evidence and Recommendation fields to provider proto API (@jpower432)
- d58c84e: feat: redesign markdown report with summary, controls table, and findings (@jpower432)
- 1574b1a: feat: show passing controls in scan summary table (#438) (@em-redhat)
Bug Fixes
- 4c66d00: fix(bug): updates support for oci refs (#595) (@hbraswelrh)
- 63ddc79: fix(proto): resolve protolint line-length violations (@yvonnedevlinrh)
- 34a307a: fix(proto): wrap remaining long comments in spec contract proto (@yvonnedevlinrh)
- ac0f3c3: fix: adds --version flag as alias (#616) (@hbraswelrh)
- 2dc86f5: fix: migrate @Version policy URLs to :tag syntax (@yvonnedevlinrh)
- 389bb29: fix: prefer plan IDs for provider matching (@sanmaxdev)
- a8dea1a: fix: separate assessment plan and requirement IDs (@sanmaxdev)
- ba4c1b8: fix: set GOTOOLCHAIN=auto in cross-repo integration workflow (@marcusburghardt)
- 6056877: fix: simplify confidence display to only filter Undetermined (@jpower432)
- 97bbdff: fix: track complypack digests in generation state (#583) (#592) (@jpower432)
- c24c747: fix: update Go dependencies to resolve security vulnerabilities (@marcusburghardt)
- 0a92635: fix: updates error reporting and exit code (#618) (@hbraswelrh)
- 72eca21: fix: write format reports to .complytime/scan/ alongside evaluation log (#634) (@yvonnedevlinrh)
- 3841550: refactor!: remove collector export infrastructure (#606) (@trevor-vaughan)
Dependency Updates
- 8f2bb41: chore(deps): bump github.com/gemaraproj/go-gemara from 0.5.0 to 0.7.0 (@dependabot[bot])
- 5a77321: chore(deps): bump oras.land/oras-go/v2 from 2.6.0 to 2.6.1 (@dependabot[bot])
Infrastructure Updates
- 0899428: ci(deps): bump actions/checkout from 6.0.3 to 7.0.0 (@dependabot[bot])
- 7111b6f: ci(deps): bump actions/setup-go from 6.4.0 to 6.5.0 (@dependabot[bot])
- c43dd68: ci(deps): bump actions/setup-go in /.github/actions/setup-complyctl (@dependabot[bot])
- 46b5e50: ci(deps): bump complytime/org-infra/.github/workflows/reusable_ci.yml (#587) (@dependabot[bot])
- 39765df: ci(deps): bump complytime/org-infra/.github/workflows/reusable_ci.yml (#630) (@dependabot[bot])
- 65d06c3: ci(deps): bump complytime/org-infra/.github/workflows/reusable_compliance.yml (#597) (@dependabot[bot])
- 1346d9d: ci(deps): bump complytime/org-infra/.github/workflows/reusable_compliance.yml (#628) (@dependabot[bot])
- 914307d: ci(deps): bump complytime/org-infra/.github/workflows/reusable_crapload_analysis.yml (#588) (@dependabot[bot])
- 5b832d8: ci(deps): bump complytime/org-infra/.github/workflows/reusable_crapload_analysis.yml (#639) (@dependabot[bot])
- daa5815: ci(deps): bump complytime/org-infra/.github/workflows/reusable_dependabot_reviewer.yml (#591) (@dependabot[bot])
- 7707c81: ci(deps): bump complytime/org-infra/.github/workflows/reusable_dependabot_reviewer.yml (#638) (@dependabot[bot])
- 9914f62: ci(deps): bump complytime/org-infra/.github/workflows/reusable_deps_reviewer.yml (#599) (@dependabot[bot])
- 78e01ea: ci(deps): bump complytime/org-infra/.github/workflows/reusable_deps_reviewer.yml (#627) (@dependabot[bot])
- 11f1f10: ci(deps): bump complytime/org-infra/.github/workflows/reusable_scheduled.yml (#596) (@dependabot[bot])
- e8947e3: ci(deps): bump complytime/org-infra/.github/workflows/reusable_scheduled.yml (#637) (@dependabot[bot])
- e8b67f5: ci(deps): bump complytime/org-infra/.github/workflows/reusable_security.yml (#593) (@dependabot[bot])
- 690d53c: ci(deps): bump complytime/org-infra/.github/workflows/reusable_security.yml (#626) (@dependabot[bot])
- 27f4de7: ci(deps): bump complytime/org-infra/.github/workflows/reusable_sonarqube.yml (#590) (@dependabot[bot])
- 21a6796: ci(deps): bump complytime/org-infra/.github/workflows/reusable_sonarqube.yml (#636) (@dependabot[bot])
- 168b8ce: ci(deps): bump complytime/org-infra/.github/workflows/reusable_vuln_scan.yml (#589) (@dependabot[bot])
- d1f339f: ci(deps): bump complytime/org-infra/.github/workflows/reusable_vuln_scan.yml (#629) (@dependabot[bot])
- b6aa594: ci(deps): bump goreleaser/goreleaser-action from 7.2.2 to 7.2.3 (#644) (@dependabot[bot])
Other Work
- 7ea83dc: chore: add preflight validation gate to release workflow (@marcusburghardt)
- 36bc2ff: chore: align PolicyRef with OCI reference (#602) (@hbraswelrh)
- d8957d9: chore: consume complypack from quay.io (@marcusburghardt)
- ea468c6: chore: regenerate crapload baseline after rebase (@jpower432)
v1.0.0-beta.0
Changelog
New Features
- ad593c8: feat(policy): support bundle-format OCI artifacts in resolver (#498) (@sonupreetam)
- 2c91ede: feat(registry): add minimal test-branch-protection policy to mock registry (@marcusburghardt)
- 3185403: feat(spec): add providers repository split specification (@marcusburghardt)
- 6158ea7: feat: add OPA provider test content to devcontainer (@hbraswelrh)
- 4e81829: feat: add complypack demo support to mock registry and devcontainer (@gvauter)
- 91b3457: feat: add complypack pull support (@gvauter)
- 5c6fc27: feat: add devcontainer testing environment for PR reviews (@marcusburghardt)
- b16d48f: feat: add errors field to ScanResponse for improved error reporting (#510) (@jpower432)
- eeaffe5: feat: add optional target positional argument to scan command (@gvauter)
- c3a0490: feat: add target ID into scan result summary (#453) (@qduanmu)
- f982cf0: feat: add workspace configuration with --workspace flag and env var (@jpower432)
- 2e01087: feat: inject resolved workspace path into provider variables (@jpower432)
- 3354328: feat: migrates go-gemara from v0.0.1 to v0.3.0 (#472) (@hbraswelrh)
- c4cfc1a: feat: populate assessment plan and step identity in evaluation logs (#579) (@hbraswelrh)
- 7aee1db: feat: pre-populate devcontainer cache with local OCI Layout bundles (#538) (@hbraswelrh)
- 238e83f: feat: replace --format otel with COMPLYTIME_EXPORT_ENABLED env var (@gvauter)
- 74fbae8: feat: seed OPA complypack artifact in mock registry (@hbraswelrh)
- 74fe214: feat: update RPM packaging for core-only complyctl after provider split (@marcusburghardt)
Bug Fixes
- bbc193e: fix(ci): align cross-repo workflow naming with existing test patterns (@marcusburghardt)
- 93a17a9: fix(ci): harden workflows against zizmor security findings (@marcusburghardt)
- 3c8c30b: fix(ci): normalize ci_sonarcloud.yml to 2-space indentation (@marcusburghardt)
- 9fc2303: fix(doctor): improve UX for version resolution errors and diagnostics (#514) (@sonupreetam)
- eafccc5: fix(provider): export WorkspaceDir constant and correct sdk contract doc (@marcusburghardt)
- dd8f123: fix(provider): update scan.go and cli_test.go plugin references to provider (@marcusburghardt)
- d627e27: fix(registry): seed valid ampel complypack content in mock registry (#554) (@hbraswelrh)
- 9d0eb43: fix(scan): check evaluator artifacts exist before skipping generation (#515) (@sonupreetam)
- 56c1083: fix(spec): address review nits from PR #474 (@marcusburghardt)
- b41b2e0: fix: add gaze_crap to baseline for doctor functions (@jpower432)
- 4d9ea2c: fix: add shellcheck disable for SC2153 false positive (@marcusburghardt)
- cb68b6f: fix: address PR #529 review feedback (@sonupreetam)
- ad80515: fix: address review council findings (@hbraswelrh)
- 5e92a11: fix: address review counil findings (@jpower432)
- 09ba988: fix: align complytime-mapping.json with OPA provider schema (@hbraswelrh)
- 8b600e4: fix: align test-opa-catalog.yaml with Gemara CUE schema (@hbraswelrh)
- 52eabc0: fix: doctor reports pinned-version registries as unreachable (@jpower432)
- c0bbe31: fix: extract resolvePinnedFallback helper and update CRAP baseline (@jpower432)
- 5db6b3e: fix: get resolves pinned version instead of defaulting to latest tag (@jpower432)
- 6d7ee98: fix: override go.md TC-001/TC-002 with testify convention in go-custom.md (@marcusburghardt)
- 43b684b: fix: populate evaluation log metadata, result, and target fields (@jpower432)
- 836bb54: fix: remove K8s manifest from testdata to avoid Trivy alerts (@hbraswelrh)
- 872d04e: fix: remove stale MAN_OPENSCAP_CONF_OUTPUT reference from clean target (@marcusburghardt)
- 35d9b88: fix: remove stale provider man page files from complyctl (@marcusburghardt)
- 50f81f3: fix: replace gopkg.in/yaml.v3 with goccy/go-yaml (@sonupreetam)
- 87b016c: fix: resolve plan IDs to requirement and control IDs in scan report (@jpower432)
- ac91387: fix: return non-zero exit on export failure and add missing tests (@marcusburghardt)
- e6128f5: fix: suppress gosec G101 false positives in collector auth tests (@gvauter)
- 3edb4cf: fix: update CRAP baseline and add RequirementID field comment (@jpower432)
- 0dfdfde: fix: update ToSARIF calls to use functional options API (@gvauter)
- 40cfba5: fix: update antchfx/xpath to v1.3.6 to resolve security vulnerability (@marcusburghardt)
- 5b9fd70: fix: update e2e tests to use new .complytime/ config path (@jpower432)
- 8872e61: fix: use input_path instead of input for OPA target variable (#549) (@hbraswelrh)
- b751ecd: refactor(cli): decompose scan, generate, get, providers commands (@gvauter)
- 7db1ae7: refactor(openscap): decompose Generate and Scan plugin methods (@gvauter)
- 6dac951: refactor(plugin): address PR review nits for LoadedPlugin and scan imports (@gvauter)
- de15ea6: refactor(provider): rename pkg/plugin to pkg/provider and update all references (@marcusburghardt)
- 3fe4d1a: refactor(provider): sweep remaining plugin terminology to provider (@marcusburghardt)
- 643debb: refactor(registry): extract seedPolicyFromFiles to reduce seedDefaults CRAP score (@marcusburghardt)
- e239848: refactor: decompose export helpers to reduce CRAP scores (@gvauter)
- 8833535: refactor: extract effectiveGlobals to reduce CheckVariables CRAP score (@jpower432)
- a5a4bb6: refactor: relocate workspace injection to eliminate CRAP regressions (@jpower432)
- 607e6c7: refactor: split Export into optional Exporter interface (ISP) (@jpower432)
Dependency Updates
- fd80acd: chore(deps): bump github.com/charmbracelet/log from 0.4.2 to 1.0.0 (@dependabot[bot])
- dcfa28e: chore(deps): bump github.com/gemaraproj/go-gemara from 0.3.0 to 0.4.0 (@dependabot[bot])
- 21c669e: chore(deps): bump github.com/gemaraproj/go-gemara from 0.4.0 to 0.5.0 (@dependabot[bot])
- 086c0d6: chore(deps): bump github.com/hashicorp/go-plugin from 1.7.0 to 1.8.0 (@dependabot[bot])
- a1f047a: chore(deps): bump golang.org/x/oauth2 from 0.34.0 to 0.36.0 (@dependabot[bot])
- 99dd845: chore(deps): bump google.golang.org/grpc from 1.79.3 to 1.80.0 (#464) (@dependabot[bot])
- 8963d86: chore(deps): bump google.golang.org/grpc from 1.80.0 to 1.81.0 (#501) (@dependabot[bot])
- 976bb28: chore(deps): bump google.golang.org/grpc from 1.81.0 to 1.81.1 (@dependabot[bot])
- e3cdb3f: chore(deps): bump https://github.com/pre-commit/pre-commit-hooks (@dependabot[bot])
Infrastructure Updates
- c12b6de: ci(deps): bump actions/checkout from 6.0.2 to 6.0.3 (@dependabot[bot])
- 263e324: ci(deps): bump actions/github-script from 8.0.0 to 9.0.0 (#467) (@dependabot[bot])
- ec45620: ci(deps): bump actions/setup-go from 6.3.0 to 6.4.0 (#448) (@dependabot[bot])
- 392c85d: ci(deps): bump actions/setup-go in /.github/actions/setup-complyctl (@dependabot[bot])
- 197556d: ci(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (@dependabot[bot])
- 90ebd55: ci(deps): bump carabiner-dev/actions from 1.2.0 to 1.2.1 (#556) (@dependabot[bot])
- 53389ab: ci(deps): bump complytime/org-infra/.github/workflows/reusable_ci.yml (@dependabot[bot])
- bd50860: ci(deps): bump complytime/org-infra/.github/workflows/reusable_compliance.yml (@dependabot[bot])
- 7e1460e: ci(deps): bump complytime/org-infra/.github/workflows/reusable_compliance.yml (#569) (@dependabot[bot])
- 5e3d2dd: c...
v1.0.0-alpha.0
Changelog
Highlights
From OSCAL to Gemara - complyctl has been redesigned to use Gemara natively as its core, replacing OSCAL. This shift simplifies policy authoring, streamlines evaluation, and provides a more intuitive and expressive foundation for compliance-as-code.
Branch protection assessment via Ampel - The new Ampel plugin validates repository branch protection rules against your compliance policies defined in Gemara, ensuring your GitHub and GitLab projects meet organizational security standards before issues arise, not after.
Spec-Driven Development - Development now follows a spec-driven workflow, where features are formally specified, planned, and broken into trackable tasks before implementation begins. This brings clarity, traceability, speed, and consistency to every change that lands in the codebase.
New Features
- 2d9c827: feat: include complytime config file for branch protection (@marcusburghardt)
- 22b575d: feat: include workflow for branch protection checks (@marcusburghardt)
Dependency Updates
- 42715a6: chore(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 (@dependabot[bot])
Infrastructure Updates
- c15b1db: ci(deps): bump sigstore/cosign-installer from 4.1.0 to 4.1.1 (@dependabot[bot])
Other Work
- 5f637c1: chore: remove tag validation test (@marcusburghardt)
- 344ff72: chore: update crapload baseline (@marcusburghardt)
v0.2.0
Changelog
New Features
- 284e56b: feat(cli)!: complyctl redesign (#381) (@jpower432)
- 80aa019: feat(plugin): Add AMPEL branch protection scanning plugin (@marcusburghardt)
- e5b8d51: feat: add CRAP load monitoring with reusable workflow (@marcusburghardt)
- 0da064d: feat: add gitlab support in ampel plugin (@qduanmu)
Bug Fixes
- b6f52ec: fix(cli): Fix typo in scan command help text (#377) (@ccronca)
- fd46922: fix(scripts): Add missing hyphen to curl -X POST flag (#375) (@ccronca)
- e577abb: fix: CPLYTM-1223 integration test failure (@qduanmu)
- f6c7795: fix: Resolve golangci-lint issues across affected packages (@marcusburghardt)
- b395144: fix: ensures missing files are downloaded on get command execution (@gvauter)
- 31cdbb1: fix: exclude vendored files from SonarCloud scan (@sonupreetam)
- dfd56ec: fix: mark oras-go MIGRATION_GUIDE.md as binary to fix Packit SRPM build (@marcusburghardt)
- bd0bf57: fix: set goreleaser dir for openscap-plugin separate Go module (@marcusburghardt)
- 9e42a4d: refactor(plugin): Adapt ampel-plugin to new gRPC plugin interface (@marcusburghardt)
- 2e10182: refactor(plugin): Centralize ampel targets into complytime.yaml (@marcusburghardt)
- 46acf19: refactor(plugin): Improve path handling and enable GitLab scanning (@marcusburghardt)
- 9cfd8fc: refactor: Align spec artifacts with current plugin architecture (@marcusburghardt)
- 1ffafde: refactor: Flatten target model to one target per repository (@marcusburghardt)
- 73155e1: refactor: Propagate BP-* IDs across test fixtures, assertions, and docs (@marcusburghardt)
- e5b9804: refactor: move PR comment posting from reusable workflow to caller (@marcusburghardt)
Dependency Updates
- 4c212be: chore(deps): bump github.com/charmbracelet/bubbles from 0.21.0 to 0.21.1 (@dependabot[bot])
- 3a2e9d0: chore(deps): bump github.com/charmbracelet/bubbles from 0.21.1 to 1.0.0 (@dependabot[bot])
- 6c92829: chore(deps): bump github.com/cloudflare/circl (@dependabot[bot])
- e0b484c: chore(deps): bump github.com/go-git/go-git/v5 (@dependabot[bot])
- f7249ce: chore(deps): bump github.com/goccy/go-yaml from 1.19.1 to 1.19.2 (@dependabot[bot])
- 558c1db: chore(deps): bump google.golang.org/grpc (@dependabot[bot])
- 981deeb: chore(deps): bump google.golang.org/grpc (@dependabot[bot])
Infrastructure Updates
- 68925e5: ci(deps): bump actions/checkout from 6.0.1 to 6.0.2 (@dependabot[bot])
- abde1c1: ci(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 (@dependabot[bot])
- e588850: ci(deps): bump actions/download-artifact from 8.0.0 to 8.0.1 (@dependabot[bot])
- 4af20c3: ci(deps): bump actions/github-script from 7.0.1 to 8.0.0 (@dependabot[bot])
- 09e200c: ci(deps): bump actions/setup-go from 6.1.0 to 6.2.0 (@dependabot[bot])
- f115735: ci(deps): bump actions/setup-go from 6.2.0 to 6.3.0 (@dependabot[bot])
- 708eb3b: ci(deps): bump actions/setup-go in /.github/actions/setup-complyctl (@dependabot[bot])
- beed550: ci(deps): bump actions/setup-go in /.github/actions/setup-complyctl (@dependabot[bot])
- 91f7e70: ci(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (@dependabot[bot])
- 7550926: ci(deps): bump anchore/sbom-action from 0.20.11 to 0.21.0 (@dependabot[bot])
- 2d64767: ci(deps): bump anchore/sbom-action from 0.21.0 to 0.21.1 (@dependabot[bot])
- 2808da8: ci(deps): bump anchore/sbom-action from 0.21.1 to 0.22.0 (@dependabot[bot])
- 4c4b58d: ci(deps): bump anchore/sbom-action from 0.22.0 to 0.22.1 (@dependabot[bot])
- 8cd6bb8: ci(deps): bump anchore/sbom-action from 0.22.1 to 0.22.2 (@dependabot[bot])
- bea51a7: ci(deps): bump anchore/sbom-action from 0.22.2 to 0.23.0 (@dependabot[bot])
- 48c023a: ci(deps): bump anchore/sbom-action from 0.23.0 to 0.23.1 (@dependabot[bot])
- c4e7203: ci(deps): bump anchore/sbom-action from 0.23.1 to 0.24.0 (@dependabot[bot])
- ff39789: ci(deps): bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 (#383) (@dependabot[bot])
- fa352be: ci(deps): bump sigstore/cosign-installer from 4.0.0 to 4.1.0 (@dependabot[bot])
- 7893ce4: ci: update CRAP load analysis workflows (@marcusburghardt)
Documentation Updates
- 1a4895b: docs(plugin): Replace outdated OSCAL references with current terminology (@marcusburghardt)
Other Work
- 0415e98: Merge branch 'main' into dependabot/go_modules/go_modules-de592185e9 (@sonupreetam)
- 2788e76: Merge branch 'main' into fix/get-download-missing-content (@gvauter)
- 0a7374e: Merge branch 'main' into fix/get-download-missing-content (@gvauter)
- 453ddcc: Merge branch 'main' into fix/sonarcloud-errors (@sonupreetam)
- 8e054e4: chore: add auto review ci (@huiwangredhat)
- f2700d5: chore: align to update for gitlab nested groups in snappy (@qduanmu)
- c80f89c: chore: exclude vendor directory from lint checks (@marcusburghardt)
- f9c5ee9: chore: fix python lint issues (@marcusburghardt)
- cc54b15: chore: fix shellcheck lint issues (@marcusburghardt)
- babe234: chore: fix yaml lint issues (@marcusburghardt)
- a6edbed: chore: ignore agent specific files (@marcusburghardt)
- 654f95f: chore: include branch protection policy for mocked registry (@marcusburghardt)
- 399a172: chore: remove unnecessary line (@marcusburghardt)
- 1402b87: chore: resuable sonarqube workflow (@huiwangredhat)
- 39e8c08: chore: sync security workflow with org-infra (#382) (@sonupreetam)
- dbfb925: chore: udpate ampel plugin testdata and github spec (@qduanmu)
- a5bf77f: chore: udpate integration test for assessment-result checking (@qduanmu)
- 41b9dab: chore: update references with previously unnused variables (@marcusburghardt)
- 80d0163: chore: update sonarqube_ci (@huiwangredhat)
v0.1.2
Changelog
Dependency Updates
- 2629a79: chore(deps): bump github.com/goccy/go-yaml from 1.18.0 to 1.19.0 (@dependabot[bot])
- c1f0120: chore(deps): bump github.com/goccy/go-yaml from 1.19.0 to 1.19.1 (@dependabot[bot])
- 7adeb98: chore(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2 (@dependabot[bot])
- 94747c0: chore(deps): bump golang.org/x/crypto (@dependabot[bot])
Infrastructure Updates
- 8cb22a4: ci(deps): bump SonarSource/sonarqube-scan-action from 6.0.0 to 7.0.0 (#353) (@dependabot[bot])
- c718fcf: ci(deps): bump actions/checkout from 5.0.1 to 6.0.0 (@dependabot[bot])
- 74ee386: ci(deps): bump actions/checkout from 6.0.0 to 6.0.1 (@dependabot[bot])
- f0e6af7: ci(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 (@dependabot[bot])
- 00a2b26: ci(deps): bump actions/setup-go from 6.0.0 to 6.1.0 (@dependabot[bot])
- fdfbb1c: ci(deps): bump actions/setup-go in /.github/actions/setup-complyctl (@dependabot[bot])
- 0e859eb: ci(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 (@dependabot[bot])
- 2336300: ci(deps): bump anchore/sbom-action from 0.20.10 to 0.20.11 (@dependabot[bot])
- ca33014: ci: include new sections in changelog (@marcusburghardt)
- 75efa8f: ci: show author for automated commits (@marcusburghardt)
- bd3057f: ci: syntax for multiple binaries in goreleaser (@marcusburghardt)
Other Work
- 833fd80: Filter verbose scan finding logs to debug level (@ccronca)
- c51b90a: Update style guide (@AlexXuan233)
- 1e16383: chore: minor lint issues (@marcusburghardt)
- 0a2c702: chore: quote variables (@marcusburghardt)
- 0255462: chore: remove unused variable (@marcusburghardt)
- fcd07e3: chore: shellcheck lint regarding missing quotes (@marcusburghardt)
- 8325602: chore: sync repository standards (@marcusburghardt)
v0.1.1
Changelog
New Features
Bug fixes
- 4acc2b1: fix: quote strings to avoid breaking change with v6 action (@gvauter)
- 33dae3c: fix: update config for cosign v2 (@marcusburghardt)
Other work
- 770579c: Update cmd/complyctl/cli/scan.go (@ccronca)
- 31282ae: Update the gomod version to 1.24.9
- a46a537: chore(deps): bump github.com/antchfx/xmlquery from 1.4.4 to 1.5.0 (@dependabot[bot])
- eba7b9c: chore(deps): bump github.com/oscal-compass/compliance-to-policy-go/v2 (@dependabot[bot])
- a42f111: chore(deps): bump github.com/oscal-compass/oscal-sdk-go (@dependabot[bot])
- 8323cc6: chore: [CPLYTM-1102] [CPLYTM-1102] add vulnerability check (@huiwangredhat)
- 9dddbae: chore: add GitHub PAT comment and PR description (@qduanmu)
- 56a6785: chore: add script to update repo workflows (@qduanmu)
- ed29ab3: chore: adopt last changes from org-infra (@marcusburghardt)
- e4d0e0f: chore: create a pull request when a new workflow (@qduanmu)
- ada015c: chore: disable kics in mega-linter for now (@marcusburghardt)
- 5468c6e: chore: ensure minor and patch updates for goreleaser (@marcusburghardt)
- 85476c1: chore: explicit top level permissions (@marcusburghardt)
- 9a81c39: chore: fix ci lint issue with chmod in test (@marcusburghardt)
- 11f0c73: chore: fix linting issues introduced during rebase (@ccronca)
- b9316b9: chore: fix the conflict of go version (@huiwangredhat)
- 45a9417: chore: remove redundant cleaning (@marcusburghardt)
- e52d90d: chore: review goreleaser changelog settings (@marcusburghardt)
- d50ab5f: chore: sync repository standards (@marcusburghardt)
- 7653c54: chore: update cosign settings in goreleaser (@marcusburghardt)
- 2723280: chore: update input for manual release (@marcusburghardt)
- 17e7a3c: chore: update reviewer in vuln_check_fix CI (@huiwangredhat)
- bc16a50: chore: workflows cleanup (@marcusburghardt)
- 8d2923d: ci(deps): Bump SonarSource/sonarqube-scan-action from 5.3.1 to 6.0.0 (@dependabot[bot])
- 7428776: ci(deps): bump actions/checkout from 5.0.0 to 5.0.1 (@dependabot[bot])
- d3e617d: ci(deps): bump actions/dependency-review-action from 4.8.0 to 4.8.1 (@dependabot[bot])
- 828c509: ci(deps): bump actions/dependency-review-action from 4.8.1 to 4.8.2 (@dependabot[bot])
- e62f014: ci(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 (@dependabot[bot])
- 9864185: ci(deps): bump actions/setup-go from 5.5.0 to 6.0.0 (@dependabot[bot])
- d3c560e: ci(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (@dependabot[bot])
- 1947e34: ci(deps): bump anchore/sbom-action from 0.20.6 to 0.20.7 (@dependabot[bot])
- bd6add5: ci(deps): bump anchore/sbom-action from 0.20.7 to 0.20.8 (@dependabot[bot])
- 784336a: ci(deps): bump anchore/sbom-action from 0.20.8 to 0.20.9 (@dependabot[bot])
- 5b10fde: ci(deps): bump anchore/sbom-action from 0.20.9 to 0.20.10 (@dependabot[bot])
- 947c4f2: ci(deps): bump github/codeql-action from 3.30.5 to 4.30.9 (@dependabot[bot])
- 979a296: ci(deps): bump github/codeql-action from 4.30.9 to 4.31.0 (@dependabot[bot])
- bebb205: ci(deps): bump github/codeql-action from 4.31.0 to 4.31.2 (@dependabot[bot])
- 37aed60: ci(deps): bump github/codeql-action from 4.31.2 to 4.31.3 (@dependabot[bot])
- 7eec817: ci(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 (@dependabot[bot])
- 08ff4a7: ci(deps): bump peter-evans/create-or-update-comment from 4.0.0 to 5.0.0 (@dependabot[bot])
- be438ac: ci(deps): bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (@dependabot[bot])
v0.1.0
We released the first minor release of complyctl - a new mommand line Interface for RHEL and Fedora compliance assessment.
It features a decoupled plug-in architecture for flexibility, and generates standardized, machine-readable data using OSCAL.
Complyctl main commands released: list, info, plan, generate and scan.
Changelog
New Features
- 505553b feat: CPLYTM-983 add support for waived rules
- 7731d3d feat: adding context to man oscap plugin
- 651e67b feat: factoring in review comments
- 5a54b9d feat: initial man page plan editing example
- 3b5f616 feat: introducing plan regeneration logic
- f8356b1 feat: updating complyctl man commands
- 19653c4 feat: updating the man page with waived rules
- f0d87b4 feat: updating unit test regeneration logic
Bug fixes
- 5e0603c fix: Ensure workspace error redundancy check (#287)
- f9e06ac fix: reduced reference to scap
- 64e130a fix: updating image source for diagram
- 879397a fix: updating the plan command logic
Other work
- 8896c49 Add doc for testing farm tests
- d5f1aa8 Add integration test cases
- aa7e347 Merge branch 'complytime:main' into add-doc-for-testing-farm
- 01e3da6 Merge pull request #240 from hbraswelrh/feat/CPLYTM-949-manpage-plan-update
- 4c3c9cd Merge pull request #245 from complytime/dependabot/go_modules/github.com/stretchr/testify-1.11.0
- c1d1dcc Merge pull request #247 from hbraswelrh/feat/CPLYTM-901-regeneration-updates
- fa6301e Merge pull request #248 from huiwangredhat/e2e-test-cases
- ac52279 Merge pull request #249 from complytime/dependabot/github_actions/actions/dependency-review-action-4.7.3
- 4a07b9f Merge pull request #250 from marcusburghardt/codeql_version
- ffc0cba Merge pull request #251 from AlexXuan233/add-integration-test-case
- b8dad21 Merge pull request #253 from complytime/dependabot/github_actions/SonarSource/sonarqube-scan-action-5.3.1
- f80fb62 Merge pull request #254 from marcusburghardt/packit_update
- 663f730 Merge pull request #255 from huiwangredhat/docs_for_tests
- 3d034d4 Merge pull request #256 from complytime/dependabot/github_actions/github/codeql-action-3.30.0
- 036bf58 Merge pull request #258 from complytime/dependabot/github_actions/actions/github-script-8.0.0
- b7b647b Merge pull request #259 from complytime/dependabot/github_actions/github/codeql-action-3.30.1
- dda796f Merge pull request #261 from complytime/dependabot/go_modules/github.com/spf13/cobra-1.10.1
- 8f69866 Merge pull request #262 from complytime/dependabot/go_modules/github.com/oscal-compass/compliance-to-policy-go/v2-2.0.0-alpha.3
- e7635e7 Merge pull request #263 from complytime/dependabot/go_modules/github.com/spf13/pflag-1.0.10
- 153a9f8 Merge pull request #266 from complytime/dependabot/github_actions/github/codeql-action-3.30.2
- c7754ab Merge pull request #267 from qduanmu/waive-rules
- 0837b33 Merge pull request #268 from complytime/dependabot/github_actions/github/codeql-action-3.30.3
- 3820483 Merge pull request #269 from qduanmu/refine-applyrulescope
- d6ff271 Merge pull request #270 from hbraswelrh/docs/CPLYTM-984-waived-rules
- 2b5be01 Merge pull request #272 from complytime/dependabot/github_actions/sigstore/cosign-installer-3.10.0
- c2d94b3 Merge pull request #273 from complytime/dependabot/go_modules/github.com/oscal-compass/oscal-sdk-go-0.0.6
- e3f6ee2 Merge pull request #274 from complytime/dependabot/go_modules/github.com/charmbracelet/bubbletea-1.3.9
- 1e5d4e7 Merge pull request #275 from complytime/dependabot/go_modules/github.com/defenseunicorns/go-oscal-0.7.0
- 72b7bfb Merge pull request #276 from complytime/dependabot/github_actions/anchore/sbom-action-0.20.6
- 821c921 Merge pull request #277 from hbraswelrh/feat/CPLYTM-992-plugin-man-update
- 654886e Merge pull request #278 from AlexXuan233/test-PRM-provide-content
- c32689a Merge pull request #279 from hbraswelrh/feat/CPLYTM-1023-complyctl-man-page
- db4f549 Merge pull request #281 from qduanmu/bump-oscal-sdk-go
- 3227ed6 Merge pull request #282 from AlexXuan233/add-doc-for-testing-farm
- ad3f8bc Merge pull request #283 from hbraswelrh/docs/CPLYTM-1006-diagram
- 0f1bd71 Merge pull request #284 from complytime/dependabot/go_modules/github.com/charmbracelet/bubbletea-1.3.10
- 0964b97 Merge pull request #285 from complytime/dependabot/go_modules/github.com/oscal-compass/compliance-to-policy-go/v2-2.0.0-alpha.4
- d955ea2 Merge pull request #286 from huiwangredhat/update_placeholders
- 7bef5c7 Merge pull request #288 from ccronca/docs/fix-component-definition-link
- 0a0122b Merge pull request #289 from qduanmu/bump-oscal-sdk-go-0.0.8
- 6572442 Merge pull request #290 from complytime/dependabot/github_actions/github/codeql-action-3.30.4
- bd6de65 Merge pull request #291 from qduanmu/create-appdirectory-message
- 995023b Merge pull request #294 from ccronca/chore/dependabot-setup-complyctl-action
- 3dc498a Merge pull request #295 from qduanmu/update-openscap-message
- a69f4a9 Merge pull request #296 from complytime/dependabot/github_actions/actions/dependency-review-action-4.8.0
- 877557b Merge pull request #297 from complytime/dependabot/github_actions/github/codeql-action-3.30.5
- 9591cde Merge pull request #299 from qduanmu/mulitiple-invalid-rules
- 1f9bf3f Merge pull request #302 from complytime/dependabot/github_actions/dot-github/actions/setup-complyctl/actions/setup-go-6.0.0
- 201d1b8 Merge pull request #303 from complytime/dependabot/github_actions/actions/setup-go-6.0.0
- 9d7546f Merge pull request #304 from gvauter/chore/bump-go-1.24.6
- d191127 Merge pull request #305 from complytime/dependabot/github_actions/ossf/scorecard-action-2.4.3
- 57b8684 Using test farm to test RPM provide content
- cf7c7e4 chore(deps): Bump github.com/charmbracelet/bubbletea
- 5150945 chore(deps): Bump github.com/charmbracelet/bubbletea from 1.3.6 to 1.3.7
- 3966b6b chore(deps): Bump github.com/charmbracelet/bubbletea from 1.3.8 to 1.3.9
- 6740adc chore(deps): Bump github.com/defenseunicorns/go-oscal
- dc4a4ec chore(deps): Bump github.com/oscal-compass/compliance-to-policy-go/v2
- 4233965 chore(deps): Bump github.com/oscal-compass/compliance-to-policy-go/v2
- 86e0d6c chore(deps): Bump github.com/oscal-compass/oscal-sdk-go
- 2b56b22 chore(deps): Bump github.com/spf13/cobra from 1.9.1 to 1.10.1
- 6dee14f chore(deps): Bump github.com/spf13/pflag from 1.0.7 to 1.0.10
- fd1d3ad chore(deps): Bump github.com/stretchr/testify from 1.10.0 to 1.11.0
- 229f778 chore: CPLYTM-985 add test cases for waived rules
- 770461e chore: [CPLYTM-1018] remove placeholders
- f46f949 chore: [CPLYTM-566] Create badge that shows pass/fail status on update-sonarcloud-github-status (#271)
- aebc095 chore: [CPLYTM-944] add document for e2e and integration test
- 8ebf25d chore: add dependabot support for setup-complyctl action
- c73747c chore: add message for creating application directory
- 97a8611 chore: bump go version to 1.24.6
- c94045c chore: bump oscal-sdk-go to 0.0.8
- 03335b6 chore: bump oscal-sdk-go version to 0.0.7
- 1b63d61 chore: inform a list of invalid rules
- 0b1ba9d chore: refine apply rule scope
- 928ce5b ch...
v0.0.10
Changelog
New Features
- 504dc4a feat: adding parameter flag to unit test
- ca2c5c5 feat: introducing parameter flag to info command
- fdacabb feat: introducing parameter selections
- 57f8fe3 feat: separating functions based on review
- 3070204 feat: updating the documentation for parameters
- 016bde8 feat: updating unit-tests for dry-run output
Bug fixes
Other work
- ca3eeeb Add an integration test pipeline
- 028a0c5 Merge pull request #198 from complytime/dependabot/go_modules/github.com/charmbracelet/bubbletea-1.3.6
- 580875a Merge pull request #202 from complytime/dependabot/go_modules/github.com/spf13/pflag-1.0.7
- 4f65094 Merge pull request #203 from complytime/dependabot/go_modules/github.com/ComplianceAsCode/compliance-operator-1.7.0
- c7cbe08 Merge pull request #211 from marcusburghardt/sonar_key
- 018ca32 Merge pull request #214 from marcusburghardt/fedora_troubleshooting
- 2ca54f1 Merge pull request #215 from complytime/dependabot/github_actions/github/codeql-action-3.29.5
- 9b7df7c Merge pull request #217 from complytime/dependabot/go_modules/github.com/oscal-compass/oscal-sdk-go-0.0.5
- 287bf8e Merge pull request #218 from complytime/dependabot/github_actions/actions/download-artifact-5.0.0
- d62b489 Merge pull request #220 from hbraswelrh/feat/CPLYTM-932-parameter-flag
- f297130 Merge pull request #223 from complytime/dependabot/github_actions/actions/checkout-5.0.0
- 8d7aa42 Merge pull request #224 from hbraswelrh/feat/sdk-convention-updates
- d3bc331 Merge pull request #225 from complytime/dependabot/github_actions/github/codeql-action-3.29.9
- b2d82c4 Merge pull request #228 from hbraswelrh/docs/CPLYTM-898-help-example
- 18d75a0 Merge pull request #229 from hbraswelrh/feat/CPLYTM-899-dry-run-logic
- 830b529 Merge pull request #230 from qduanmu/bump-c2p
- 58f828e Merge pull request #232 from complytime/dependabot/github_actions/anchore/sbom-action-0.20.5
- c5dd4e8 Merge pull request #233 from complytime/dependabot/github_actions/goreleaser/goreleaser-action-6.4.0
- 4ad27da Merge pull request #235 from marcusburghardt/vendor_dep
- 147c737 Merge pull request #236 from complytime/dependabot/go_modules/github.com/hashicorp/go-plugin-1.7.0
- 1bbfdcb Merge pull request #237 from complytime/dependabot/go_modules/github.com/defenseunicorns/go-oscal-0.6.3
- f8096a2 Merge pull request #238 from huiwangredhat/add_e2e_pipeline
- 4cccc0d Merge pull request #239 from AlexXuan233/add-integration-test-pipeline
- b90a326 Merge pull request #241 from complytime/dependabot/github_actions/github/codeql-action-3.29.10
- ab09601 Merge pull request #242 from complytime/dependabot/github_actions/actions/dependency-review-action-4.7.2
- 4b2d4bb chore(deps): Bump github.com/ComplianceAsCode/compliance-operator
- 5a5ee06 chore(deps): Bump github.com/charmbracelet/bubbletea from 1.3.5 to 1.3.6
- d362848 chore(deps): Bump github.com/defenseunicorns/go-oscal
- 96ea65a chore(deps): Bump github.com/hashicorp/go-plugin from 1.6.3 to 1.7.0
- 13bf06c chore(deps): Bump github.com/oscal-compass/oscal-sdk-go
- efd1947 chore(deps): Bump github.com/spf13/pflag from 1.0.6 to 1.0.7
- 7a0ce22 chore: [CPLYTM-941] add e2e pipeline
- ecf1224 chore: bump c2p version to 2.0.0-alpha.2
- 1bf8958 chore: create exception for line ends issue
- 03c18b3 ci(deps): Bump actions/checkout from 4.2.2 to 5.0.0
- 23e9ee4 ci(deps): Bump actions/dependency-review-action from 4.7.1 to 4.7.2
- b811f2d ci(deps): Bump actions/download-artifact from 4.3.0 to 5.0.0
- 8ff93fe ci(deps): Bump anchore/sbom-action from 0.20.4 to 0.20.5
- 61a9afc ci(deps): Bump github/codeql-action from 3.29.4 to 3.29.5
- 0c881db ci(deps): Bump github/codeql-action from 3.29.7 to 3.29.9
- 6018570 ci(deps): Bump github/codeql-action from 3.29.9 to 3.29.10
- be118bf ci(deps): Bump goreleaser/goreleaser-action from 6.3.0 to 6.4.0
- ecfa5d8 ci: fix sonar project key
- 781d0b0 rebase the integration test
- 0a4ddfb replace the vm with a container
v0.0.9
Changelog
New Features
- 6b39858 feat: adding GetControlTitle function
- 4060327 feat: populate sample content by default in RPM
Bug fixes
Documentation updates
- afdbbff doc: expand example command usage with scope config
Other work
- 536e5ef Apply suggestions from code review
- 9e3fbce Merge pull request #193 from gvauter/docs/CPLYTM-815
- db50716 Merge pull request #196 from marcusburghardt/elements_match_test
- f50044c Merge pull request #197 from hbraswelrh/feat/CPLYTM-887-refactor
- ba4ec05 Merge pull request #199 from qduanmu/add-openscap-manpage
- 3b0fb41 Merge pull request #200 from marcusburghardt/fedora_release
- 9921017 Merge pull request #201 from complytime/dependabot/github_actions/sigstore/cosign-installer-3.9.2
- 1c2ef00 Merge pull request #204 from complytime/dependabot/github_actions/github/codeql-action-3.29.3
- 5c11f8d Merge pull request #205 from complytime/dependabot/github_actions/anchore/sbom-action-0.20.4
- 5babc0c Merge pull request #206 from marcusburghardt/update_samples
- 313103c Merge pull request #207 from complytime/dependabot/github_actions/SonarSource/sonarqube-scan-action-5.3.0
- bdd3d89 Merge pull request #208 from marcusburghardt/packit_auto
- 7a9e883 Merge pull request #210 from complytime/dependabot/github_actions/github/codeql-action-3.29.4
- 892241b Update docs/RELEASE_PROCESS.md
- 5bc2276 chore: add openscap plugin man page
- 5c47a2e chore: ensure included controls are ordered
- e118860 chore: include versions in spec changelog
- 0a8295b chore: rename openscap plugin man page and update example
- 48cc581 chore: update DESCRIPTION in complyctl-openscap-plugin.md
- e4ca6a7 chore: update sample files based on CUSP for Fedora
- 576f99c ci(deps): Bump SonarSource/sonarqube-scan-action from 5.2.0 to 5.3.0
- cef90f9 ci(deps): Bump anchore/sbom-action from 0.20.2 to 0.20.4
- 43b5d19 ci(deps): Bump github/codeql-action from 3.29.2 to 3.29.3
- 2d77455 ci(deps): Bump github/codeql-action from 3.29.3 to 3.29.4
- 5382c9c ci(deps): Bump sigstore/cosign-installer from 3.9.1 to 3.9.2
- 2d97548 ci: automate fedora updates after releasing
v0.0.8
Changelog
New Features
- 1dc8889 feat: add default includeRules statement for dry-run
- c2c93d6 feat: add support for excluding rules in a scope config
- 09c8acb feat: vendor go dependencies
Bug fixes
- 601b388 fix: detect datastream files without versions
- 6ba6c43 fix: remove unnecessary processing of steps and activity rule prop
- 47fdebf fix: rename complyctl man file
Other work
- 672e4e1 Merge pull request #166 from gvauter/complyctl-rename
- 878689d Merge pull request #175 from marcusburghardt/packit
- 0ccbd1f Merge pull request #180 from complytime/dependabot/go_modules/github.com/goccy/go-yaml-1.18.0
- 6d5a478 Merge pull request #181 from qduanmu/nil-default
- b6253f6 Merge pull request #182 from complytime/dependabot/github_actions/sigstore/cosign-installer-3.9.1
- 4052f60 Merge pull request #183 from gvauter/chore/sonar-rename
- 70e82a7 Merge pull request #184 from marcusburghardt/vendor_dep
- ee8e123 Merge pull request #186 from complytime/dependabot/github_actions/github/codeql-action-3.29.1
- ffda7d0 Merge pull request #187 from gvauter/feat/CPLYTM-883
- 1f65a2b Merge pull request #188 from complytime/dependabot/github_actions/github/codeql-action-3.29.2
- ca6aa4a Merge pull request #189 from marcusburghardt/fedora_review
- 87f7a9d Merge pull request #190 from gvauter/feat/CPLYTM-814
- c93cb86 Merge pull request #191 from complytime/dependabot/github_actions/anchore/sbom-action-0.20.2
- ed2c41f Merge pull request #192 from marcusburghardt/CPLYTM-767
- 624679c Merge pull request #194 from marcusburghardt/date_fix
- 9e5da40 chore(deps): Bump github.com/goccy/go-yaml from 1.17.1 to 1.18.0
- de6935d chore: ensure ownership of all directories in SPEC
- 5cb05ae chore: fix date in spec changelong
- 9a3afa4 chore: fix rpmlint regarding english words
- 2a6e40d chore: include plugin manifest file in SPEC file
- 8537dc1 chore: set nil default to empty string for optional configuration
- 4c94051 chore: update Makefile to use vendored dependencies
- 44ceb1c chore: update sonar project key and name
- 6f4910d chore: update spec file to use vendored dependencies
- 81d79aa chore: use goprep macro and enable pie
- d624dca ci(deps): Bump anchore/sbom-action from 0.20.1 to 0.20.2
- 839bae1 ci(deps): Bump github/codeql-action from 3.29.0 to 3.29.1
- 2718e43 ci(deps): Bump github/codeql-action from 3.29.1 to 3.29.2
- de608d6 ci(deps): Bump sigstore/cosign-installer from 3.9.0 to 3.9.1
- cc277c6 ci: introduce packit integration
- 7b3c1f4 rename complytime command throughout codebase
- 3149892 rename complytime in documentation and utils