Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update FedRAMP baselines to upstream NIST SP 800-53 OSCAL 1.3.0 catalog #976

Open
4 of 10 tasks
aj-stein-gsa opened this issue Dec 9, 2024 · 0 comments · Fixed by #979
Open
4 of 10 tasks

Update FedRAMP baselines to upstream NIST SP 800-53 OSCAL 1.3.0 catalog #976

aj-stein-gsa opened this issue Dec 9, 2024 · 0 comments · Fixed by #979
Assignees
@Gabeblis
Labels
model: catalog model: profile scope: baselines type: backlog item For developer work that is not part of a user-facing epic or user story.

Comments

@aj-stein-gsa
Copy link
Contributor

aj-stein-gsa commented Dec 9, 2024
edited by Gabeblis
Loading

This is a ...

improvement - something could be better

This relates to ...

  • the FedRAMP OSCAL baselines
  • the FedRAMP SSP OSCAL Example
  • the FedRAMP SAP OSCAL Example
  • the FedRAMP SAR OSCAL Example
  • the FedRAMP POA&M OSCAL Example
  • the FedRAMP OSCAL Validations
  • the Not sure

User Story

I would like to update the baselines to the 1.3.0 version of the NIST SP 800-53 catalog from the 1.2.0 version of the content and deprecate the temporary vendored copy of the modified SP 800-53 catalog by deleting it from the develop branch.

Goals

  • Revert change from Adjust Catalog Link #975 in main with a new PR deleting it (NOTE: we will not rebase master branch)
  • Change the import/profile to point to a back-matter/resource with a rlink/@href with a value of https://raw.githubusercontent.com/usnistgov/oscal-content/refs/tags/v1.3.0/nist.gov/SP800-53/rev5/xml/NIST_SP-800-53_rev5_catalog.xml for all profiles in develop
  • Delete the NIST_SP-800-53_rev5_catalog.xml in develop

Dependencies

N/A

Acceptance Criteria

  • All FedRAMP Documents Related to OSCAL Adoption (https://github.com/GSA/fedramp-automation) affected by the changes in this issue have been updated.
  • A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.

Other information

#975 is a step in the right direction on the wrong branch and should not go into master without a release prepped. We need to remove that and target in develop and remove the orphaned file to make the change cleaner when released.
@aj-stein-gsa aj-stein-gsa added scope: baselines type: backlog item For developer work that is not part of a user-facing epic or user story. model: profile model: catalog labels Dec 9, 2024
@aj-stein-gsa aj-stein-gsa moved this from 🆕 New to 🔖 Ready in FedRAMP Automation Dec 9, 2024
@Gabeblis Gabeblis self-assigned this Dec 9, 2024
@Gabeblis Gabeblis linked a pull request Dec 9, 2024 that will close this issue
Adjust Catalog Links #979
Merged
6 tasks
@Gabeblis Gabeblis moved this from 🔖 Ready to 🔍 Active Objectives and Issues in FedRAMP Automation Dec 9, 2024
@Gabeblis Gabeblis moved this from 🔍 Active Objectives and Issues to 🏗 In progress in FedRAMP Automation Dec 9, 2024
@Gabeblis Gabeblis moved this from 🏗 In progress to 👀 In review in FedRAMP Automation Dec 9, 2024
@Gabeblis Gabeblis moved this from 👀 In review to 🚢 Ready to Ship in FedRAMP Automation Dec 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Gabeblis Gabeblis

Labels
model: catalog model: profile scope: baselines type: backlog item For developer work that is not part of a user-facing epic or user story.
Projects
FedRAMP Automation
Status: 🚢 Ready to Ship
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Adjust Catalog Links Gabeblis/fedramp-automation
2 participants
@Gabeblis @aj-stein-gsa