-
Notifications
You must be signed in to change notification settings - Fork 183
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ability to Prevent Override for Designated Metaschema Content #465
Comments
We are implementing a stop-gap in #475. This issue will be revisited in a future sprint. |
* Schematron now reports duplicate definitions in a Metaschema as an error: see #465, #475 * Catalog metaschema and SP800-53 catalog adjustments renaming 'subcontrol' to 'control' per Issue #473 * Refactored metaschemas to avoid definition clashes; more/better Schematron to detect such clashes * Adding new module now required by catalog and profile metaschemas * Revising profiles to be valid to newly revised schema (no more references to subcontrol elements only controls) * Bug fix in Metaschema Schematron * Delete FedRAMP_HIGH-baseline_profile.xml * Delete FedRAMP_LOW-baseline_profile.xml * Delete FedRAMP_MODERATE-baseline_profile.xml * Create temp.txt * Revised FedRAMP Profiles These files include revisions to the FedRAMP baselines, plus a small FedRAMP catalog that provides three subcontrols added by FedRAMP. * Delete temp.txt * moved updated fedramp content to correct location * New and improved FedRAMP profiles * Repaired broken markdown conversion; added missing title content to FedRAMP catalog * add note about b -> strong and i -> em (#9) * Changed inline markup in FedRAMP profiles for lossless conversion * One more adjustment in Markdown->XML conversion (images) * One more time (cleaning up cleanup)
Currently, any attempt to override a definition is detected and warned against by the Metaschema Schematron, which effectively prohibits it since these checks must pass before any merge. Internally, the Metaschema still follows the rule that clashing definitions (whether a purposeful override or accidental) are resolved in favor of the definition appearing last. This permits graceful overriding if we want it -- and is arguably better (whether overriding is permitted, discouraged or formally prohibited) than producing a runtime error. |
September 5Suggest we review current status against requirements and close the Issue or rewrite it as appropriate. |
Assigning to sprint 25 to either add a new issue or close. |
@brianrugsa could you review the current status for this issue? In the current implementation, a Schematron currently prevents any overriding in any metaschema committed and run through CI/CD. We can relax this rule after further discussion. Besides the flag you propose, there are other potential solutions to the problem as stated. |
@wendellpiez I believe the current mechanisms address the concern, even though it wasn't accomplished with a flag. I agree with closing this issue. |
* Schematron now reports duplicate definitions in a Metaschema as an error: see usnistgov#465, usnistgov#475 * Catalog metaschema and SP800-53 catalog adjustments renaming 'subcontrol' to 'control' per Issue usnistgov#473 * Refactored metaschemas to avoid definition clashes; more/better Schematron to detect such clashes * Adding new module now required by catalog and profile metaschemas * Revising profiles to be valid to newly revised schema (no more references to subcontrol elements only controls) * Bug fix in Metaschema Schematron * Delete FedRAMP_HIGH-baseline_profile.xml * Delete FedRAMP_LOW-baseline_profile.xml * Delete FedRAMP_MODERATE-baseline_profile.xml * Create temp.txt * Revised FedRAMP Profiles These files include revisions to the FedRAMP baselines, plus a small FedRAMP catalog that provides three subcontrols added by FedRAMP. * Delete temp.txt * moved updated fedramp content to correct location * New and improved FedRAMP profiles * Repaired broken markdown conversion; added missing title content to FedRAMP catalog * add note about b -> strong and i -> em (usnistgov#9) * Changed inline markup in FedRAMP profiles for lossless conversion * One more adjustment in Markdown->XML conversion (images) * One more time (cleaning up cleanup)
* Schematron now reports duplicate definitions in a Metaschema as an error: see usnistgov#465, usnistgov#475 * Catalog metaschema and SP800-53 catalog adjustments renaming 'subcontrol' to 'control' per Issue usnistgov#473 * Refactored metaschemas to avoid definition clashes; more/better Schematron to detect such clashes * Adding new module now required by catalog and profile metaschemas * Revising profiles to be valid to newly revised schema (no more references to subcontrol elements only controls) * Bug fix in Metaschema Schematron * Delete FedRAMP_HIGH-baseline_profile.xml * Delete FedRAMP_LOW-baseline_profile.xml * Delete FedRAMP_MODERATE-baseline_profile.xml * Create temp.txt * Revised FedRAMP Profiles These files include revisions to the FedRAMP baselines, plus a small FedRAMP catalog that provides three subcontrols added by FedRAMP. * Delete temp.txt * moved updated fedramp content to correct location * New and improved FedRAMP profiles * Repaired broken markdown conversion; added missing title content to FedRAMP catalog * add note about b -> strong and i -> em (#9) * Changed inline markup in FedRAMP profiles for lossless conversion * One more adjustment in Markdown->XML conversion (images) * One more time (cleaning up cleanup)
User Story:
As an OSCAL developer, it would help to have confidence that metadata and back-matter assemblies are consistently implemented in all layers of OSCAL.
The current metaschema to schema mechanisms take a modular approach, with each of those assemblies in separate modules; however, the mechanism allows these assemblies to be overridden, which introduces the risk that these assemblies are implemented differently at different OSCAL levels.
While this override feature is desirable for some modules, it is not desirable for these assemblies. A metaschema directive to prevent the override of certain assemblies would eliminate this risk.
Goals:
Establish a metaschema mechanism to prevent the override of a specific assembly and/or an entire module.
Dependencies:
None
Acceptance Criteria
All OSCAL website and readme documentation affected by the changes in this issue have been updated. Changes to the OSCAL website can be made in the docs/content directory of your branch.
A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.
The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.
A module and/or assembly can be flagged to prevent the override, and the mechanism converts the metaschema to a schema while honoring this directive.
The text was updated successfully, but these errors were encountered: