Skip to content

Releases: complytime/complyctl

v1.0.0-rc.0

Choose a tag to compare

@github-actions github-actions released this 30 Jun 15:59

Changelog

New Features

Bug Fixes

Dependency Updates

  • 8f2bb41: chore(deps): bump github.com/gemaraproj/go-gemara from 0.5.0 to 0.7.0 (@dependabot[bot])
  • 5a77321: chore(deps): bump oras.land/oras-go/v2 from 2.6.0 to 2.6.1 (@dependabot[bot])

Infrastructure Updates

  • 0899428: ci(deps): bump actions/checkout from 6.0.3 to 7.0.0 (@dependabot[bot])
  • 7111b6f: ci(deps): bump actions/setup-go from 6.4.0 to 6.5.0 (@dependabot[bot])
  • c43dd68: ci(deps): bump actions/setup-go in /.github/actions/setup-complyctl (@dependabot[bot])
  • 46b5e50: ci(deps): bump complytime/org-infra/.github/workflows/reusable_ci.yml (#587) (@dependabot[bot])
  • 39765df: ci(deps): bump complytime/org-infra/.github/workflows/reusable_ci.yml (#630) (@dependabot[bot])
  • 65d06c3: ci(deps): bump complytime/org-infra/.github/workflows/reusable_compliance.yml (#597) (@dependabot[bot])
  • 1346d9d: ci(deps): bump complytime/org-infra/.github/workflows/reusable_compliance.yml (#628) (@dependabot[bot])
  • 914307d: ci(deps): bump complytime/org-infra/.github/workflows/reusable_crapload_analysis.yml (#588) (@dependabot[bot])
  • 5b832d8: ci(deps): bump complytime/org-infra/.github/workflows/reusable_crapload_analysis.yml (#639) (@dependabot[bot])
  • daa5815: ci(deps): bump complytime/org-infra/.github/workflows/reusable_dependabot_reviewer.yml (#591) (@dependabot[bot])
  • 7707c81: ci(deps): bump complytime/org-infra/.github/workflows/reusable_dependabot_reviewer.yml (#638) (@dependabot[bot])
  • 9914f62: ci(deps): bump complytime/org-infra/.github/workflows/reusable_deps_reviewer.yml (#599) (@dependabot[bot])
  • 78e01ea: ci(deps): bump complytime/org-infra/.github/workflows/reusable_deps_reviewer.yml (#627) (@dependabot[bot])
  • 11f1f10: ci(deps): bump complytime/org-infra/.github/workflows/reusable_scheduled.yml (#596) (@dependabot[bot])
  • e8947e3: ci(deps): bump complytime/org-infra/.github/workflows/reusable_scheduled.yml (#637) (@dependabot[bot])
  • e8b67f5: ci(deps): bump complytime/org-infra/.github/workflows/reusable_security.yml (#593) (@dependabot[bot])
  • 690d53c: ci(deps): bump complytime/org-infra/.github/workflows/reusable_security.yml (#626) (@dependabot[bot])
  • 27f4de7: ci(deps): bump complytime/org-infra/.github/workflows/reusable_sonarqube.yml (#590) (@dependabot[bot])
  • 21a6796: ci(deps): bump complytime/org-infra/.github/workflows/reusable_sonarqube.yml (#636) (@dependabot[bot])
  • 168b8ce: ci(deps): bump complytime/org-infra/.github/workflows/reusable_vuln_scan.yml (#589) (@dependabot[bot])
  • d1f339f: ci(deps): bump complytime/org-infra/.github/workflows/reusable_vuln_scan.yml (#629) (@dependabot[bot])
  • b6aa594: ci(deps): bump goreleaser/goreleaser-action from 7.2.2 to 7.2.3 (#644) (@dependabot[bot])

Other Work

v1.0.0-beta.0

Choose a tag to compare

@github-actions github-actions released this 12 Jun 20:34
c4cfc1a

Changelog

New Features

Bug Fixes

Dependency Updates

Infrastructure Updates

Read more

v1.0.0-alpha.0

Choose a tag to compare

@github-actions github-actions released this 27 Mar 15:58
9515e3d

Changelog

Highlights

From OSCAL to Gemara - complyctl has been redesigned to use Gemara natively as its core, replacing OSCAL. This shift simplifies policy authoring, streamlines evaluation, and provides a more intuitive and expressive foundation for compliance-as-code.

Branch protection assessment via Ampel - The new Ampel plugin validates repository branch protection rules against your compliance policies defined in Gemara, ensuring your GitHub and GitLab projects meet organizational security standards before issues arise, not after.

Spec-Driven Development - Development now follows a spec-driven workflow, where features are formally specified, planned, and broken into trackable tasks before implementation begins. This brings clarity, traceability, speed, and consistency to every change that lands in the codebase.

New Features

Dependency Updates

  • 42715a6: chore(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 (@dependabot[bot])

Infrastructure Updates

  • c15b1db: ci(deps): bump sigstore/cosign-installer from 4.1.0 to 4.1.1 (@dependabot[bot])

Other Work

v0.2.0

Choose a tag to compare

@github-actions github-actions released this 25 Mar 17:05
c29a6b2

Changelog

New Features

Bug Fixes

Dependency Updates

Infrastructure Updates

Documentation Updates

Other Work

v0.1.2

Choose a tag to compare

@github-actions github-actions released this 19 Dec 15:28
cc2cf43

Changelog

Dependency Updates

Infrastructure Updates

Other Work

v0.1.1

Choose a tag to compare

@github-actions github-actions released this 19 Nov 07:49
b9fafe8

Changelog

New Features

Bug fixes

Other work

v0.1.0

Choose a tag to compare

@github-actions github-actions released this 02 Oct 11:09
5e0603c

We released the first minor release of complyctl - a new mommand line Interface for RHEL and Fedora compliance assessment.
It features a decoupled plug-in architecture for flexibility, and generates standardized, machine-readable data using OSCAL.

Complyctl main commands released: list, info, plan, generate and scan.

Changelog

New Features

  • 505553b feat: CPLYTM-983 add support for waived rules
  • 7731d3d feat: adding context to man oscap plugin
  • 651e67b feat: factoring in review comments
  • 5a54b9d feat: initial man page plan editing example
  • 3b5f616 feat: introducing plan regeneration logic
  • f8356b1 feat: updating complyctl man commands
  • 19653c4 feat: updating the man page with waived rules
  • f0d87b4 feat: updating unit test regeneration logic

Bug fixes

  • 5e0603c fix: Ensure workspace error redundancy check (#287)
  • f9e06ac fix: reduced reference to scap
  • 64e130a fix: updating image source for diagram
  • 879397a fix: updating the plan command logic

Other work

  • 8896c49 Add doc for testing farm tests
  • d5f1aa8 Add integration test cases
  • aa7e347 Merge branch 'complytime:main' into add-doc-for-testing-farm
  • 01e3da6 Merge pull request #240 from hbraswelrh/feat/CPLYTM-949-manpage-plan-update
  • 4c3c9cd Merge pull request #245 from complytime/dependabot/go_modules/github.com/stretchr/testify-1.11.0
  • c1d1dcc Merge pull request #247 from hbraswelrh/feat/CPLYTM-901-regeneration-updates
  • fa6301e Merge pull request #248 from huiwangredhat/e2e-test-cases
  • ac52279 Merge pull request #249 from complytime/dependabot/github_actions/actions/dependency-review-action-4.7.3
  • 4a07b9f Merge pull request #250 from marcusburghardt/codeql_version
  • ffc0cba Merge pull request #251 from AlexXuan233/add-integration-test-case
  • b8dad21 Merge pull request #253 from complytime/dependabot/github_actions/SonarSource/sonarqube-scan-action-5.3.1
  • f80fb62 Merge pull request #254 from marcusburghardt/packit_update
  • 663f730 Merge pull request #255 from huiwangredhat/docs_for_tests
  • 3d034d4 Merge pull request #256 from complytime/dependabot/github_actions/github/codeql-action-3.30.0
  • 036bf58 Merge pull request #258 from complytime/dependabot/github_actions/actions/github-script-8.0.0
  • b7b647b Merge pull request #259 from complytime/dependabot/github_actions/github/codeql-action-3.30.1
  • dda796f Merge pull request #261 from complytime/dependabot/go_modules/github.com/spf13/cobra-1.10.1
  • 8f69866 Merge pull request #262 from complytime/dependabot/go_modules/github.com/oscal-compass/compliance-to-policy-go/v2-2.0.0-alpha.3
  • e7635e7 Merge pull request #263 from complytime/dependabot/go_modules/github.com/spf13/pflag-1.0.10
  • 153a9f8 Merge pull request #266 from complytime/dependabot/github_actions/github/codeql-action-3.30.2
  • c7754ab Merge pull request #267 from qduanmu/waive-rules
  • 0837b33 Merge pull request #268 from complytime/dependabot/github_actions/github/codeql-action-3.30.3
  • 3820483 Merge pull request #269 from qduanmu/refine-applyrulescope
  • d6ff271 Merge pull request #270 from hbraswelrh/docs/CPLYTM-984-waived-rules
  • 2b5be01 Merge pull request #272 from complytime/dependabot/github_actions/sigstore/cosign-installer-3.10.0
  • c2d94b3 Merge pull request #273 from complytime/dependabot/go_modules/github.com/oscal-compass/oscal-sdk-go-0.0.6
  • e3f6ee2 Merge pull request #274 from complytime/dependabot/go_modules/github.com/charmbracelet/bubbletea-1.3.9
  • 1e5d4e7 Merge pull request #275 from complytime/dependabot/go_modules/github.com/defenseunicorns/go-oscal-0.7.0
  • 72b7bfb Merge pull request #276 from complytime/dependabot/github_actions/anchore/sbom-action-0.20.6
  • 821c921 Merge pull request #277 from hbraswelrh/feat/CPLYTM-992-plugin-man-update
  • 654886e Merge pull request #278 from AlexXuan233/test-PRM-provide-content
  • c32689a Merge pull request #279 from hbraswelrh/feat/CPLYTM-1023-complyctl-man-page
  • db4f549 Merge pull request #281 from qduanmu/bump-oscal-sdk-go
  • 3227ed6 Merge pull request #282 from AlexXuan233/add-doc-for-testing-farm
  • ad3f8bc Merge pull request #283 from hbraswelrh/docs/CPLYTM-1006-diagram
  • 0f1bd71 Merge pull request #284 from complytime/dependabot/go_modules/github.com/charmbracelet/bubbletea-1.3.10
  • 0964b97 Merge pull request #285 from complytime/dependabot/go_modules/github.com/oscal-compass/compliance-to-policy-go/v2-2.0.0-alpha.4
  • d955ea2 Merge pull request #286 from huiwangredhat/update_placeholders
  • 7bef5c7 Merge pull request #288 from ccronca/docs/fix-component-definition-link
  • 0a0122b Merge pull request #289 from qduanmu/bump-oscal-sdk-go-0.0.8
  • 6572442 Merge pull request #290 from complytime/dependabot/github_actions/github/codeql-action-3.30.4
  • bd6de65 Merge pull request #291 from qduanmu/create-appdirectory-message
  • 995023b Merge pull request #294 from ccronca/chore/dependabot-setup-complyctl-action
  • 3dc498a Merge pull request #295 from qduanmu/update-openscap-message
  • a69f4a9 Merge pull request #296 from complytime/dependabot/github_actions/actions/dependency-review-action-4.8.0
  • 877557b Merge pull request #297 from complytime/dependabot/github_actions/github/codeql-action-3.30.5
  • 9591cde Merge pull request #299 from qduanmu/mulitiple-invalid-rules
  • 1f9bf3f Merge pull request #302 from complytime/dependabot/github_actions/dot-github/actions/setup-complyctl/actions/setup-go-6.0.0
  • 201d1b8 Merge pull request #303 from complytime/dependabot/github_actions/actions/setup-go-6.0.0
  • 9d7546f Merge pull request #304 from gvauter/chore/bump-go-1.24.6
  • d191127 Merge pull request #305 from complytime/dependabot/github_actions/ossf/scorecard-action-2.4.3
  • 57b8684 Using test farm to test RPM provide content
  • cf7c7e4 chore(deps): Bump github.com/charmbracelet/bubbletea
  • 5150945 chore(deps): Bump github.com/charmbracelet/bubbletea from 1.3.6 to 1.3.7
  • 3966b6b chore(deps): Bump github.com/charmbracelet/bubbletea from 1.3.8 to 1.3.9
  • 6740adc chore(deps): Bump github.com/defenseunicorns/go-oscal
  • dc4a4ec chore(deps): Bump github.com/oscal-compass/compliance-to-policy-go/v2
  • 4233965 chore(deps): Bump github.com/oscal-compass/compliance-to-policy-go/v2
  • 86e0d6c chore(deps): Bump github.com/oscal-compass/oscal-sdk-go
  • 2b56b22 chore(deps): Bump github.com/spf13/cobra from 1.9.1 to 1.10.1
  • 6dee14f chore(deps): Bump github.com/spf13/pflag from 1.0.7 to 1.0.10
  • fd1d3ad chore(deps): Bump github.com/stretchr/testify from 1.10.0 to 1.11.0
  • 229f778 chore: CPLYTM-985 add test cases for waived rules
  • 770461e chore: [CPLYTM-1018] remove placeholders
  • f46f949 chore: [CPLYTM-566] Create badge that shows pass/fail status on update-sonarcloud-github-status (#271)
  • aebc095 chore: [CPLYTM-944] add document for e2e and integration test
  • 8ebf25d chore: add dependabot support for setup-complyctl action
  • c73747c chore: add message for creating application directory
  • 97a8611 chore: bump go version to 1.24.6
  • c94045c chore: bump oscal-sdk-go to 0.0.8
  • 03335b6 chore: bump oscal-sdk-go version to 0.0.7
  • 1b63d61 chore: inform a list of invalid rules
  • 0b1ba9d chore: refine apply rule scope
  • 928ce5b ch...
Read more

v0.0.10

Choose a tag to compare

@github-actions github-actions released this 21 Aug 14:13
1bbfdcb

Changelog

New Features

  • 504dc4a feat: adding parameter flag to unit test
  • ca2c5c5 feat: introducing parameter flag to info command
  • fdacabb feat: introducing parameter selections
  • 57f8fe3 feat: separating functions based on review
  • 3070204 feat: updating the documentation for parameters
  • 016bde8 feat: updating unit-tests for dry-run output

Bug fixes

  • 5ce4cff fix: updating TUI formatting based on review
  • e53f5f6 fix: updating convention for sdk

Other work

  • ca3eeeb Add an integration test pipeline
  • 028a0c5 Merge pull request #198 from complytime/dependabot/go_modules/github.com/charmbracelet/bubbletea-1.3.6
  • 580875a Merge pull request #202 from complytime/dependabot/go_modules/github.com/spf13/pflag-1.0.7
  • 4f65094 Merge pull request #203 from complytime/dependabot/go_modules/github.com/ComplianceAsCode/compliance-operator-1.7.0
  • c7cbe08 Merge pull request #211 from marcusburghardt/sonar_key
  • 018ca32 Merge pull request #214 from marcusburghardt/fedora_troubleshooting
  • 2ca54f1 Merge pull request #215 from complytime/dependabot/github_actions/github/codeql-action-3.29.5
  • 9b7df7c Merge pull request #217 from complytime/dependabot/go_modules/github.com/oscal-compass/oscal-sdk-go-0.0.5
  • 287bf8e Merge pull request #218 from complytime/dependabot/github_actions/actions/download-artifact-5.0.0
  • d62b489 Merge pull request #220 from hbraswelrh/feat/CPLYTM-932-parameter-flag
  • f297130 Merge pull request #223 from complytime/dependabot/github_actions/actions/checkout-5.0.0
  • 8d7aa42 Merge pull request #224 from hbraswelrh/feat/sdk-convention-updates
  • d3bc331 Merge pull request #225 from complytime/dependabot/github_actions/github/codeql-action-3.29.9
  • b2d82c4 Merge pull request #228 from hbraswelrh/docs/CPLYTM-898-help-example
  • 18d75a0 Merge pull request #229 from hbraswelrh/feat/CPLYTM-899-dry-run-logic
  • 830b529 Merge pull request #230 from qduanmu/bump-c2p
  • 58f828e Merge pull request #232 from complytime/dependabot/github_actions/anchore/sbom-action-0.20.5
  • c5dd4e8 Merge pull request #233 from complytime/dependabot/github_actions/goreleaser/goreleaser-action-6.4.0
  • 4ad27da Merge pull request #235 from marcusburghardt/vendor_dep
  • 147c737 Merge pull request #236 from complytime/dependabot/go_modules/github.com/hashicorp/go-plugin-1.7.0
  • 1bbfdcb Merge pull request #237 from complytime/dependabot/go_modules/github.com/defenseunicorns/go-oscal-0.6.3
  • f8096a2 Merge pull request #238 from huiwangredhat/add_e2e_pipeline
  • 4cccc0d Merge pull request #239 from AlexXuan233/add-integration-test-pipeline
  • b90a326 Merge pull request #241 from complytime/dependabot/github_actions/github/codeql-action-3.29.10
  • ab09601 Merge pull request #242 from complytime/dependabot/github_actions/actions/dependency-review-action-4.7.2
  • 4b2d4bb chore(deps): Bump github.com/ComplianceAsCode/compliance-operator
  • 5a5ee06 chore(deps): Bump github.com/charmbracelet/bubbletea from 1.3.5 to 1.3.6
  • d362848 chore(deps): Bump github.com/defenseunicorns/go-oscal
  • 96ea65a chore(deps): Bump github.com/hashicorp/go-plugin from 1.6.3 to 1.7.0
  • 13bf06c chore(deps): Bump github.com/oscal-compass/oscal-sdk-go
  • efd1947 chore(deps): Bump github.com/spf13/pflag from 1.0.6 to 1.0.7
  • 7a0ce22 chore: [CPLYTM-941] add e2e pipeline
  • ecf1224 chore: bump c2p version to 2.0.0-alpha.2
  • 1bf8958 chore: create exception for line ends issue
  • 03c18b3 ci(deps): Bump actions/checkout from 4.2.2 to 5.0.0
  • 23e9ee4 ci(deps): Bump actions/dependency-review-action from 4.7.1 to 4.7.2
  • b811f2d ci(deps): Bump actions/download-artifact from 4.3.0 to 5.0.0
  • 8ff93fe ci(deps): Bump anchore/sbom-action from 0.20.4 to 0.20.5
  • 61a9afc ci(deps): Bump github/codeql-action from 3.29.4 to 3.29.5
  • 0c881db ci(deps): Bump github/codeql-action from 3.29.7 to 3.29.9
  • 6018570 ci(deps): Bump github/codeql-action from 3.29.9 to 3.29.10
  • be118bf ci(deps): Bump goreleaser/goreleaser-action from 6.3.0 to 6.4.0
  • ecfa5d8 ci: fix sonar project key
  • 781d0b0 rebase the integration test
  • 0a4ddfb replace the vm with a container

v0.0.9

Choose a tag to compare

@github-actions github-actions released this 25 Jul 09:44
5c11f8d

Changelog

New Features

  • 6b39858 feat: adding GetControlTitle function
  • 4060327 feat: populate sample content by default in RPM

Bug fixes

  • 02797b8 fix: disable debug packages
  • a75d455 fix: updating caching based on feedback

Documentation updates

  • afdbbff doc: expand example command usage with scope config

Other work

  • 536e5ef Apply suggestions from code review
  • 9e3fbce Merge pull request #193 from gvauter/docs/CPLYTM-815
  • db50716 Merge pull request #196 from marcusburghardt/elements_match_test
  • f50044c Merge pull request #197 from hbraswelrh/feat/CPLYTM-887-refactor
  • ba4ec05 Merge pull request #199 from qduanmu/add-openscap-manpage
  • 3b0fb41 Merge pull request #200 from marcusburghardt/fedora_release
  • 9921017 Merge pull request #201 from complytime/dependabot/github_actions/sigstore/cosign-installer-3.9.2
  • 1c2ef00 Merge pull request #204 from complytime/dependabot/github_actions/github/codeql-action-3.29.3
  • 5c11f8d Merge pull request #205 from complytime/dependabot/github_actions/anchore/sbom-action-0.20.4
  • 5babc0c Merge pull request #206 from marcusburghardt/update_samples
  • 313103c Merge pull request #207 from complytime/dependabot/github_actions/SonarSource/sonarqube-scan-action-5.3.0
  • bdd3d89 Merge pull request #208 from marcusburghardt/packit_auto
  • 7a9e883 Merge pull request #210 from complytime/dependabot/github_actions/github/codeql-action-3.29.4
  • 892241b Update docs/RELEASE_PROCESS.md
  • 5bc2276 chore: add openscap plugin man page
  • 5c47a2e chore: ensure included controls are ordered
  • e118860 chore: include versions in spec changelog
  • 0a8295b chore: rename openscap plugin man page and update example
  • 48cc581 chore: update DESCRIPTION in complyctl-openscap-plugin.md
  • e4ca6a7 chore: update sample files based on CUSP for Fedora
  • 576f99c ci(deps): Bump SonarSource/sonarqube-scan-action from 5.2.0 to 5.3.0
  • cef90f9 ci(deps): Bump anchore/sbom-action from 0.20.2 to 0.20.4
  • 43b5d19 ci(deps): Bump github/codeql-action from 3.29.2 to 3.29.3
  • 2d77455 ci(deps): Bump github/codeql-action from 3.29.3 to 3.29.4
  • 5382c9c ci(deps): Bump sigstore/cosign-installer from 3.9.1 to 3.9.2
  • 2d97548 ci: automate fedora updates after releasing

v0.0.8

Choose a tag to compare

@github-actions github-actions released this 09 Jul 07:14
87f7a9d

Changelog

New Features

  • 1dc8889 feat: add default includeRules statement for dry-run
  • c2c93d6 feat: add support for excluding rules in a scope config
  • 09c8acb feat: vendor go dependencies

Bug fixes

  • 601b388 fix: detect datastream files without versions
  • 6ba6c43 fix: remove unnecessary processing of steps and activity rule prop
  • 47fdebf fix: rename complyctl man file

Other work

  • 672e4e1 Merge pull request #166 from gvauter/complyctl-rename
  • 878689d Merge pull request #175 from marcusburghardt/packit
  • 0ccbd1f Merge pull request #180 from complytime/dependabot/go_modules/github.com/goccy/go-yaml-1.18.0
  • 6d5a478 Merge pull request #181 from qduanmu/nil-default
  • b6253f6 Merge pull request #182 from complytime/dependabot/github_actions/sigstore/cosign-installer-3.9.1
  • 4052f60 Merge pull request #183 from gvauter/chore/sonar-rename
  • 70e82a7 Merge pull request #184 from marcusburghardt/vendor_dep
  • ee8e123 Merge pull request #186 from complytime/dependabot/github_actions/github/codeql-action-3.29.1
  • ffda7d0 Merge pull request #187 from gvauter/feat/CPLYTM-883
  • 1f65a2b Merge pull request #188 from complytime/dependabot/github_actions/github/codeql-action-3.29.2
  • ca6aa4a Merge pull request #189 from marcusburghardt/fedora_review
  • 87f7a9d Merge pull request #190 from gvauter/feat/CPLYTM-814
  • c93cb86 Merge pull request #191 from complytime/dependabot/github_actions/anchore/sbom-action-0.20.2
  • ed2c41f Merge pull request #192 from marcusburghardt/CPLYTM-767
  • 624679c Merge pull request #194 from marcusburghardt/date_fix
  • 9e5da40 chore(deps): Bump github.com/goccy/go-yaml from 1.17.1 to 1.18.0
  • de6935d chore: ensure ownership of all directories in SPEC
  • 5cb05ae chore: fix date in spec changelong
  • 9a3afa4 chore: fix rpmlint regarding english words
  • 2a6e40d chore: include plugin manifest file in SPEC file
  • 8537dc1 chore: set nil default to empty string for optional configuration
  • 4c94051 chore: update Makefile to use vendored dependencies
  • 44ceb1c chore: update sonar project key and name
  • 6f4910d chore: update spec file to use vendored dependencies
  • 81d79aa chore: use goprep macro and enable pie
  • d624dca ci(deps): Bump anchore/sbom-action from 0.20.1 to 0.20.2
  • 839bae1 ci(deps): Bump github/codeql-action from 3.29.0 to 3.29.1
  • 2718e43 ci(deps): Bump github/codeql-action from 3.29.1 to 3.29.2
  • de608d6 ci(deps): Bump sigstore/cosign-installer from 3.9.0 to 3.9.1
  • cc277c6 ci: introduce packit integration
  • 7b3c1f4 rename complytime command throughout codebase
  • 3149892 rename complytime in documentation and utils