Features
- #67 go-getter for accessing
including
attributes #69 (xntrik) - #67 go-getter used for imports now as well. Plus some chore #69 (xntrik)
- #3 - we now have a constraint system that allows graceful #69 (xntrik)
- #3 rejigged the constraint versioning #69 (xntrik)
- #41 Most of the new expanded_control logic is in place now #69 (xntrik)
- Parse for legacy DFDs and shift into the new format #78 (xntrik)
- Adding contraint checks for old dfd blocks #29 #78 (xntrik)
- list command now handles number of DFD in output #29 #78 (xntrik)
- Multiple DFDs per TM are now supported #29 #78 (xntrik)
- TMs now support additiona_attribute blocks #71 #78 (xntrik)
- Addressing shortcomings of go-getter #83 #88 (xntrik)
- preparing for 0.2.0 release of hcltm - now threatcl #92 (xntrik)
Bug Fixes
- Dockerfile to reduce vulnerabilities #46 (snyk-bot)
- updated gopkg.in/yaml.v3 to address CVE-2022-28948 #57 (cfrichot)
- Fixes a minor issue with boilerplate generation #100 #101 (xntrik)
- Minor spec example fix #00 #102 (xntrik)
Documentation
- Updated release steps in CONTRIBUTING file (xntrik)
- Updating contributing (xntrik)
- updating documentation for 0.1.5 #69 (xntrik)
- updated example dashboard #78 (xntrik)
- Updated CHANGELOG #78 (xntrik)
- Updated CONTRIBUTING.md with some rough notes for managing docker #88 (xntrik)
- Updating docs to 0.2.0 #92 (xntrik)
- Adjusting docs and Makefile slightly (xntrik)
- Minor update to README with link to docs #99 (xntrik)
- Minor update to README #103 (xntrik)
Tests
- updated tests for DOT output #78 (xntrik)
- for the multi dfd contstraint check #29 #78 (xntrik)
- for the multi dfd contstraint check - forgot to add the test file #29 #78 (xntrik)
- Forgot to add the test file for #29 #78 (xntrik)
- added test for #83 #88 (xntrik)
Continuous Integration
- Adjusting the semgrep action #57 (cfrichot)
- Updating semgrep action again #57 (cfrichot)
- working on getting docker built on gh actions #78 (xntrik)
- adding qemu #78 (xntrik)
- Updating release to include docker building for GHCR #78 (xntrik)
- updating golang #78 (xntrik)
- Updated pre-release to test-build docker build #78 (xntrik)
- Tweaking pre-release action #79 (xntrik)
- Adding env flags to pre-release action #80 (xntrik)
- bumping some codeql actions #88 (xntrik)
- Updating out of date actions and bumping CI to Go 1.20 #88 (xntrik)
- bumping gh checkout action #90 #91 (xntrik)
- bumping codeql action #91 (xntrik)
- removing codeql yaml #92 (xntrik)
- Adjustment to pre-release job (xntrik)
- adjusting ci again (xntrik)
- Trying to get releasing working (xntrik)
- dev release tag is there now (xntrik)
- added clang to macos build (xntrik)
- attempt again (xntrik)
- nit pick fix (xntrik)
- Updated mac job to a mac worker (xntrik)
- another nit pick (xntrik)
- trying again on the macos builder (xntrik)
- more nitpicks (xntrik)
- Are we almost there? (xntrik)
- omg i typod the download-artifact action (xntrik)
- artifact name adjustments (xntrik)
- adjusting releae to latest (xntrik)
- adjusted perms (xntrik)
- adding docker process back to pre-release (xntrik)
- adjusted pre-release. Updated tagged release (xntrik)
Chores
- #68 - tidying up the parser tests to cater for some upcoming work #69 (xntrik)
- preparing for 0.1.5 release #69 (xntrik)
- After a go mod tidy #78 (xntrik)
- updating vulnerable aws-sdk-go https://github.com/xntrik/hcltm/security/dependabot/2 #78 (xntrik)
- bumping version in prep for 0.1.6 - still need to tidy other ver #78 (xntrik)
- go mod tidy #78 (xntrik)
- go mod tidy #78 (xntrik)
- Updated 0.1.5 refs to 0.1.6 #81 (xntrik)
- Bumping Golang, go deps, and docker deps #88 (xntrik)
- bump to 0.1.8 #91 (xntrik)
- bump ver refs to 0.2.0 #92 (xntrik)
- bump spec dep and update threatcl cli to 0.2.1 #96 (xntrik)
- deps: bump google.golang.org/protobuf from 1.32.0 to 1.33.0 #98 (dependabot[bot])
- deps: bump golang.org/x/net from 0.21.0 to 0.23.0 #104 (dependabot[bot])
- deps: bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 #105 (dependabot[bot])
Commits
- 8d92f43: add missing Repudiation to STRIDE (Marc Loney) #32
- c703e20: Create codeql-analysis.yml (Christian Frichot)
- c6753e6: Create semgrep-analysis.yml (Christian Frichot)
- fa5bb09: Update semgrep-analysis.yml (Christian Frichot)
- 9847f42: Update semgrep-analysis.yml (Christian Frichot)
- a6e2b97: Create snyk-container-analysis.yml (Christian Frichot)
- adf59bc: Update link to the OWASP Proactive Controlsin README.md (John Doe) #42
- 14cbe0a: Merging in 0.1.2 (#60) (Christian Frichot) #60
- 6b3e522: Merging Dev 0.1.3 into main (#64) (Christian Frichot) #64
- e506f63: merging dev 0.1.4 into main (#66) (Christian Frichot) #66
- addressing some issues with
expanded_control
see #70 #78 (xntrik) - 7b62cc1: very much work in progress on 0.1.6 (xntrik) #78
- 1b958c2: Added new export command relates to #84 (xntrik) #88
- 474a2f3: Added export sub-command info into README (xntrik) #88
- 3b9bb04: Updated CHANGELOG and other versions to 0.1.7 (xntrik) #88
- cb97bc4: Updated README (xntrik)
- e2c39f5: #89 update go-otm dep (xntrik) #91
- d4b0f53: updating main branch gh action (xntrik)