Merge branch 'develop' into develop-aspen-poam-demo

CHANGELOG.md

@@ -1,22 +1,7 @@
 GovReady-Q Release Notes
 ========================
 
-v0.10.1.1-dev (June 29, 2022)
------------------------------
-
-**Buf fixes**
-
-* Hot patch to fix OSCAL SSP generation by making sure security_sensitivity_level has value.
-
-v0.10.1-dev (June 28, 2022)
----------------------------
-
-**Security fixes**
-
-* Upgrade npm modules to address multiple vulnerabilities.
-
-
-v0.10.0 (June 24, 2022)
+v0.10.0 (July 13, 2022)
 -----------------------
 
 Welcome to GovReady-q v0.10.0 "Aspen".
@@ -101,6 +86,7 @@ and provides a solid foundation for even more exciting innovations to come.
 * Add a large set of sample components (150+) generated from STIGs.
 * Detect Apple ARM platform (e.g. 'M1 chip') and use alternate backend Dockerfile with Chromium install commented out.
 * Added SystemEvent object in controls to track system events.
+* Remove Opera from test options.
 
 **Bug fixes**
 
@@ -111,12 +97,16 @@ and provides a solid foundation for even more exciting innovations to come.
 * Assign owners to default components (elements) created during install first_run script.
 * Correctly display POA&M forms with left-side menu.
 * Refactor and OIDC authentication for proper testing of admin and not admin roles.
+* Upgrade to Django 3.2.14 to fix Django vulnerability.
+* Hot patch to fix OSCAL SSP generation by making sure security_sensitivity_level has value.
+* Remove edit action information from proposed component control statements.
 
 **Security fixes**
 
 * Upgrade npm modules to address multiple vulnerabilities.
 * Upgrade Python libraries to address multiple vulnerabilities.
 
+
 v0.9.13 (January 23, 2022)
 --------------------------
 

README.md

@@ -29,7 +29,7 @@ GovReady-Q is open source and incorporates the emerging [NIST OSCAL](https://pag
 
 # License / Credits
 
-This repository is licensed under the [GNU GPL v3](LICENSE.md).
+This repository is licensed under the [Apache 2.0](LICENSE.md).
 
 * Emoji icons by http://emojione.com/developers/.
 * Generic server icon by [Stock Image Folio from Noun Project](https://thenounproject.com/search/?q=computer&i=870428).

VERSION

@@ -1 +1 @@
-v0.10.1.1-dev
+v0.10.0

controls/views.py

@@ -1356,7 +1356,7 @@ def system_element(request, system_id, element_id):
                 proposal = None
                 return HttpResponseRedirect("/controls/{}/components/selected".format(system_id))
 
-            #get all statements that are not component_approval_criteria
+            # Get all statements that are not component_approval_criteria
             impl_smts = element.statements_produced.filter(~Q(statement_type='COMPONENT_APPROVAL_CRITERIA'))
             # Retrieve used catalog_key
             catalog_key = impl_smts[0].sid_class

dev_env/README.md

@@ -65,7 +65,7 @@ environment.json to include:
     "test_visible": true,
     "test_browser": "chrome" 
 ```````````
-You can choose from `firefox`, `chrome`, or `opera`
+You can choose from `firefox` or `chrome`.
 
 ### Connecting to the Selenium
 You will have to install a VNC Viewer (https://www.realvnc.com/en/connect/download/viewer/)
@@ -76,7 +76,6 @@ Open VNC Viewer and connect to the browser image you chose in your environment.j
 |---------|----------------|----------|
 | Chrome  | localhost:6900 | secret   |
 | Firefox | localhost:6902 | secret   |
-| Opera   | localhost:6903 | secret   |
 
 Then you can run your tests as you typically would by connecting to your container and running the tests.  Ex: 
 `docker exec -it govready-q-dev ./manage.py test`

dev_env/core/runner.py

@@ -134,7 +134,7 @@ def run(self):
             "chrome": {"port": 6900, "file": "selenium/selenium-chrome.yml"},
             # "edge": {"port": 6901, "file": "selenium/selenium-edge.yml"},
             "firefox": {"port": 6902, "file": "selenium/selenium-firefox.yml"},
-            "opera": {"port": 6903, "file": "selenium/selenium-opera.yml"},
+            # "opera": {"port": 6903, "file": "selenium/selenium-opera.yml"},
         }
 
         if self.config['test_visible']: