chore: Trestle Release

CONTRIBUTING.md

@@ -7,7 +7,7 @@ To contribute code or documentation, please submit a [pull request](https://gith
 
 A good way to familiarize yourself with the codebase and contribution process is
 to look for and tackle low-hanging fruit in the [issue tracker](https://github.com/oscal-compass/compliance-trestle/issues).
-Before embarking on a more ambitious contribution, please quickly [get in touch](https://oscal-compass.github.io/compliance-trestle/maintainers/) with us.
+Before embarking on a more ambitious contribution, please quickly [get in touch](https://oscal-compass.github.io/compliance-trestle/latest/contributing/maintainers/) with us.
 
 **Note: We appreciate your effort, and want to avoid a situation where a contribution
 requires extensive rework (by you or by us), sits in backlog for a long time, or
@@ -32,7 +32,7 @@ review to indicate acceptance.
 
 A change requires LGTMs from at least two reviewers. One of the reviewers must be a [`CODEOWNER`](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners).
 
-For a list of the maintainers (also codeowners), see the [maintainers](https://oscal-compass.github.io/compliance-trestle/maintainers/) page.
+For a list of the maintainers (also codeowners), see the [maintainers](https://oscal-compass.github.io/compliance-trestle/latest/contributing/maintainers/)
 
 ### Trestle updating, testing and release logistics
 
@@ -88,7 +88,7 @@ The devops process does not _strictly_ enforce typing, however, the expectation
 commits with a focus on quality over quantity (e.g. don't add `Any` everywhere just to meet coverage requirements).
 Python typing of functions is an active work in progress.
 
-`mkbuild` is used to generate the [trestle documenation site](https://oscal-compass.github.io/compliance-trestle). The `mkbuild`
+`mkbuild` is used to generate the [trestle documenation site](https://oscal-compass.github.io/compliance-trestle/latest). The `mkbuild`
 website includes an API reference section generated from the code. Docstrings within the code are expected to follow
 [google style docstrings](https://www.sphinx-doc.org/en/master/usage/extensions/example_google.html).
 
@@ -116,7 +116,7 @@ e.g.
 
 We have tried to make it as easy as possible to make contributions. This
 applies to how we handle the legal aspects of contribution. We use the
-same approach - the [Developer's Certificate of Origin 1.1 (DCO)](https://oscal-compass.github.io/compliance-trestle/contributing/DCO/) - that the Linux® Kernel [community](https://developercertificate.org/)
+same approach - the [Developer's Certificate of Origin 1.1 (DCO)](https://oscal-compass.github.io/compliance-trestle/latest/contributing/DCO/) - that the Linux® Kernel [community](https://developercertificate.org/)
 uses to manage code contributions.
 
 We simply ask that when submitting a patch for review, the developer

README.md

@@ -64,11 +64,11 @@ Users needing to import XML OSCAL artifacts are recommended to look at NIST's XM
 
 Trestle runs on almost all Python platforms (e.g. Linux, Mac, Windows), is available on PyPi and can be easily installed via pip. It is under active development and new releases are made available regularly.\
 To install run: `pip install compliance-trestle`\
-See [Install trestle in a python virtual environment](https://oscal-compass.github.io/compliance-trestle/python_trestle_setup/) for the full installation guide.
+See [Install trestle in a python virtual environment](https://oscal-compass.github.io/compliance-trestle/latest/installation/) for the full installation guide.
 
 ## Complete documentation and tutorials
 
-Complete documentation, tutorials, and background on compliance can be found [here](https://oscal-compass.github.io/compliance-trestle).
+Complete documentation, tutorials, and background on compliance can be found [here](https://oscal-compass.github.io/compliance-trestle/latest).
 
 ## Agile Authoring
 
@@ -101,7 +101,7 @@ Please refer to the community [README](https://github.com/oscal-compass/communit
 
 ## Contributing to Trestle
 
-Our project welcomes external contributions. Please consult [contributing](https://oscal-compass.github.io/compliance-trestle/contributing/mkdocs_contributing/) to get started.
+Our project welcomes external contributions. Please consult [contributing](https://oscal-compass.github.io/compliance-trestle/latest/contributing/mkdocs_contributing/) to get started.
 
 ## Code of Conduct
 

docs/index.md

@@ -37,11 +37,61 @@ Trestle provides tooling to help orchestrate the compliance process across a num
 
 ## Important Note:
 
-The current version of trestle supports NIST OSCAL 1.0.0-4.  There was a breaking change in OSCAL moving from
-version 1.0.0 to 1.0.2 mainly due to `prop` becoming `props` in AssessmentResults.  As a result, the current development path of trestle requires OSCAL 1.0.4, but for those who require OSCAL 1.0.0 please use trestle version 0.37.x.  That version is stable but will not have any features added, and we encourage users to move to OSCAL 1.0.4.
+The current version of trestle 3.x supports NIST OSCAL 1.1.2.
+Below shows trestle versions correspondence with OSCAL versions:
 
-OSCAL version 1.0.0 files are still handled on import but any AssessmentResults must conform to the OSCAL 1.0.4 schema, with
-props instead of prop.  And all files created by trestle will be output as OSCAL version 1.0.4.
+```
+trestle 3.x => OSCAL 1.1.2
+trestle 2.x => OSCAL 1.0.4
+trestle 1.x => OSCAL 1.0.2
+trestle 0.37.x => OSCAL 1.0.0
+```
+
+Visit [pypi](https://pypi.org/project/compliance-trestle/#history) for trestle release history and downloads.
+
+## Notes for install of current and older versions of trestle
+
+#### Install of trestle 3.x
+
+Use python 3.11.
+
+```
+python3.11 -m venv venv.trestle
+source venv.trestle/bin/activate
+pip install compliance-trestle==3.6.0
+trestle version
+Trestle version v3.6.0 based on OSCAL version 1.1.2
+```
+
+#### Install of trestle 2.x
+
+Use python 3.9.
+
+```
+python3.9 -m venv venv.trestle
+source venv.trestle/bin/activate
+pip install compliance-trestle==2.6.0
+trestle version
+Trestle version v2.6.0 based on OSCAL version 1.0.4
+```
+
+#### Install of trestle 1.x
+
+Use python 3.9.
+
+Due to dependency updates since the release of trestle 1.2.0, perform the following in your venv:
+
+```
+python3.9 -m venv venv.trestle
+source venv.trestle/bin/activate
+pip install compliance-trestle==1.2.0
+pip uninstall pydantic
+pip uninstall pydantic_core
+pip install pydantic==1.10.2
+pip install requests
+trestle version
+Trestle version v1.2.0 based on OSCAL version 1.0.2
+```
 
 ## Why Trestle
 
@@ -79,7 +129,7 @@ Trestle runs on most all python platforms (e.g. Linux, Mac, Windows) and is avai
 
 ## Development status
 
-Compliance trestle is currently stable and is based on NIST OSCAL version 1.0.4, with active development continuing.
+Compliance trestle is currently stable and is based on NIST OSCAL version 1.1.2, with active development continuing.
 
 ## Contributing to Trestle
 

docs/reference/API/trestle/tasks/cis_xlsx_to_oscal_cd.md

@@ -0,0 +1,7 @@
+---
+title: trestle.tasks.cis_xlsx_to_oscal_cd
+description: Documentation for trestle.tasks.cis_xlsx_to_oscal_cd module
+---
+
+::: trestle.tasks.cis_xlsx_to_oscal_cd
+handler: python

docs/tutorials/Transformers_and_Tasks/OCP4_CIS_profile_to_oscal_cd.md

@@ -17,7 +17,7 @@ The second is a one-command transformation from `.profile` to `OSCAL.json`.
 
 ## Step 1: Install trestle in a Python virtual environment
 
-Follow the instructions [here](https://oscal-compass.github.io/compliance-trestle/python_trestle_setup/) to install trestle in a virtual environment.
+Follow the instructions [here](https://oscal-compass.github.io/compliance-trestle/latest/installation/) to install trestle in a virtual environment.
 
 ## Step 2: Transform profile data (CIS benchmarks)
 

docs/tutorials/Transformers_and_Tasks/csv_to_oscal_cd.md

@@ -169,7 +169,7 @@ The below table represents the expectations of trestle task `csv-to-oscal-cd` fo
 
 ## *Step 1: Install trestle in a Python virtual environment*
 
-Follow the instructions [here](https://oscal-compass.github.io/compliance-trestle/python_trestle_setup/) to install trestle in a virtual environment.
+Follow the instructions [here](https://oscal-compass.github.io/compliance-trestle/latest/installation/) to install trestle in a virtual environment.
 
 ## *Step 2: Transform profile data (CIS benchmarks)*
 

docs/tutorials/Trestle_authoring/ssp_profile_catalog_authoring.md

@@ -321,7 +321,7 @@ Access control policy and procedures address the controls in the AC family that
 <!-- "## Part" parts are new subparts added into the existing top-level statement part with that label. -->
 <!-- Subparts may be added with nested hash levels of the form ### My Subpart Name -->
 <!-- underneath the parent ## Control or ## Part being added -->
-<!-- See https://oscal-compass.github.io/compliance-trestle/tutorials/ssp_profile_catalog_authoring/ssp_profile_catalog_authoring for guidance. -->
+<!-- See https://oscal-compass.github.io/compliance-trestle/latest/tutorials/Trestle_authoring/ssp_profile_catalog_authoring/ for guidance. -->
 
 ## Control Implementation Guidance
 

docs/tutorials/Trestle_authoring/trestle_author.md

@@ -690,7 +690,7 @@ CLI evocation:
 
 > trestle author catalog-assemble
 
-The `catalog` author commands allow you to convert a control catalog to markdown and edit its control statement, then assemble markdown back into an OSCAL catalog with the modifications to the statement.  Items in the statement may be edited or added.  For more details on its usage please see [the catalog authoring tutorial](https://oscal-compass.github.io/compliance-trestle/tutorials/ssp_profile_catalog_authoring/ssp_profile_catalog_authoring).
+The `catalog` author commands allow you to convert a control catalog to markdown and edit its control statement, then assemble markdown back into an OSCAL catalog with the modifications to the statement.  Items in the statement may be edited or added.  For more details on its usage please see [the catalog authoring tutorial](https://oscal-compass.github.io/compliance-trestle/latest/tutorials/Trestle_authoring/ssp_profile_catalog_authoring/).
 
 ### Profile authoring
 
@@ -704,7 +704,7 @@ CLI evocation:
 
 > trestle author profile-assemble
 
-The `profile` author commands allow you to edit additions made by a profile to its imported controls that end up in the final resolved profile catalog.  Only the additions may be edited or added to the generated markdown control files - and those additions can then be assembled into a new version of the original profile, with those additions.  For more details on its usage please see [the profile authoring tutorial](https://oscal-compass.github.io/compliance-trestle/tutorials/ssp_profile_catalog_authoring/ssp_profile_catalog_authoring).
+The `profile` author commands allow you to edit additions made by a profile to its imported controls that end up in the final resolved profile catalog.  Only the additions may be edited or added to the generated markdown control files - and those additions can then be assembled into a new version of the original profile, with those additions.  For more details on its usage please see [the profile authoring tutorial](https://oscal-compass.github.io/compliance-trestle/latest/tutorials/Trestle_authoring/ssp_profile_catalog_authoring/).
 
 ### Profile generation with inheritance
 
@@ -719,7 +719,7 @@ All components must have exported provided statements, no exported responsibilit
 
 As with the other related author commands, if an existing destination file already exists, it is not updated if no changes would be made.
 
-For more details on its usage please see [the ssp-filter tutorial](https://oscal-compass.github.io/compliance-trestle/tutorials/ssp_profile_catalog_authoring/ssp_profile_catalog_authoring).
+For more details on its usage please see [the ssp-filter tutorial](https://oscal-compass.github.io/compliance-trestle/latest/tutorials/Trestle_authoring/ssp_profile_catalog_authoring/).
 
 ### SSP authoring
 
@@ -735,7 +735,7 @@ CLI evocation:
 
 The `ssp-generate` sub-command creates a partial SSP (System Security Plan) from a profile and optional yaml header file.  `ssp-assemble` can then assemble the markdown files into a single json SSP file.
 
-For more details on its usage please see [the ssp authoring tutorial](https://oscal-compass.github.io/compliance-trestle/tutorials/ssp_profile_catalog_authoring/ssp_profile_catalog_authoring).
+For more details on its usage please see [the ssp authoring tutorial](https://oscal-compass.github.io/compliance-trestle/latest/tutorials/Trestle_authoring/ssp_profile_catalog_authoring/).
 
 ### SSP Content Filtering
 
@@ -757,6 +757,6 @@ You may filter by a combination of a profile, list of component names, implement
 
 As with the other related author commands, if an existing destination file already exists, it is not updated if no changes would be made.
 
-For more details on its usage please see [the ssp-filter tutorial](https://oscal-compass.github.io/compliance-trestle/tutorials/ssp_profile_catalog_authoring/ssp_profile_catalog_authoring).
+For more details on its usage please see [the ssp-filter tutorial](https://oscal-compass.github.io/compliance-trestle/latest/tutorials/Trestle_authoring/ssp_profile_catalog_authoring/).
 
 </details>

docs/tutorials/cli.md

@@ -148,7 +148,7 @@ This command will return the current version of Trestle and OSCAL it is using.
 
 Running `trestle version` will return:
 
-> Trestle version v2.0.0 based on OSCAL version 1.0.4
+> Trestle version v3.x.x based on OSCAL version 1.1.2
 
 It can also be used to retrieve the metadata version of the OSCAL object:
 
@@ -165,7 +165,7 @@ It can also be used to retrieve the metadata version of the OSCAL object:
 
       "version": "0.1.10", <<< this version here
 
-      "oscal-version": "1.0.4"
+      "oscal-version": "1.1.2"
 
     },
 ...
@@ -176,7 +176,7 @@ It can also be used to retrieve the metadata version of the OSCAL object:
 
 Running `trestle version -n nist -t catalog` will return:
 
-> Version of OSCAL object of nist catalog is: 1.0.0
+> Version of OSCAL object of nist catalog is: 1.1.2
 
 ## `trestle init`
 

mkdocs.yml

@@ -1,5 +1,7 @@
 edit_uri: ''
 extra:
+  version:
+    provider: mike
   analytics:
     property: G-XT3KGMHSY8
     provider: google

setup.cfg

@@ -29,7 +29,7 @@ install_requires =
     attrs
     ilcli
     cryptography==43.0.3
-    paramiko==3.4.0
+    paramiko==3.5.0
     ruamel.yaml
     furl
     pydantic[email]>=2.0.0

tests/data/tasks/cis-xlsx-to-oscal-cd/test-cis-xlsx-to-oscal-cd.db2.snippet.config

@@ -0,0 +1,18 @@
+[task.cis-xlsx-to-oscal-cd]
+
+benchmark-file = tests/data/tasks/cis-xlsx-to-oscal-cd/CIS_IBM_Db2_11_Benchmark_v1.1.0.snippet.xlsx
+benchmark-title = CIS IBM Db2 11 Benchmark
+benchmark-version =  1.1.0 
+
+namespace = https://oscal-compass/compliance-trestle/schemas/oscal/cd
+
+component-name = IBM Db2 11
+component-description = IBM Db2 11
+component-type = software
+
+profile-version = v8
+profile-source = catalogs/CIS_controls_v8/catalog.json
+profile-description = CIS catalog v8
+
+output-dir = tests/data/tasks/cis-xlsx-to-oscal-cd/output
+output-overwrite = true

tests/trestle/core/commands/author/ssp_test.py

@@ -1160,14 +1160,19 @@ def test_ssp_gen_and_assemble_add_props(tmp_trestle_dir: pathlib.Path) -> None:
     impl_reqs = assem_ssp.control_implementation.implemented_requirements
     impl_req = next((i_req for i_req in impl_reqs if i_req.control_id == 'ac-1'), None)
     assert len(impl_req.props) == 1
-    assert impl_req.props[0].name == 'prop_with_ns'
-    assert impl_req.props[0].value == 'prop with ns'
-    assert impl_req.props[0].ns == 'https://my_new_namespace'
+    assert impl_req.props[0].name == 'prop_with_ns'  # type: ignore
+    assert impl_req.props[0].value == 'prop with ns'  # type: ignore
+    assert impl_req.props[0].ns == 'https://my_new_namespace'  # type: ignore
 
     smt_a = next((smt for smt in impl_req.statements if smt.statement_id == 'ac-1_smt.a'), None)
     assert len(smt_a.props) == 1
-    assert smt_a.props[0].name == 'smt_prop'
-    assert smt_a.props[0].value == 'smt prop'
+    assert smt_a.props[0].name == 'smt_prop'  # type: ignore
+    assert smt_a.props[0].value == 'smt prop'  # type: ignore
+
+    # Run again and check that there is no change
+    assert ssp_assemble._run(args) == 0
+    assem_ssp_2, _ = ModelUtils.load_model_for_class(tmp_trestle_dir, ssp_name, ossp.SystemSecurityPlan)
+    assert assem_ssp_2.metadata.last_modified == assem_ssp.metadata.last_modified
 
 
 def test_ssp_gen_and_assemble_implementation_parts(tmp_trestle_dir: pathlib.Path, monkeypatch: MonkeyPatch) -> None:

tests/trestle/core/utils_test.py

@@ -41,6 +41,7 @@
 from trestle.common.err import TrestleError
 from trestle.common.model_utils import ModelUtils
 from trestle.common.str_utils import AliasMode
+from trestle.common.str_utils import as_bool
 
 
 def load_good_catalog() -> catalog.Catalog:
@@ -352,3 +353,10 @@ def test_prune_empty_dirs(tmp_path: pathlib.Path) -> None:
     assert not (tmp_path / 'sub1/sub11/sub111').exists()
     assert foo_path.exists()
     assert bar_path.exists()
+
+
+def test_as_bool(tmp_path: pathlib.Path) -> None:
+    """Test as_bool function."""
+    assert as_bool('true')
+    assert not as_bool('false')
+    assert not as_bool(None)