You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The pattern expressions in extension and constraint bindings are buggy and inconsistent. The inconsistency makes writing constrain validation automation needlessly difficult.
The binding patterns in FedRAMP_extensions.jsoninconsistently prepend o: to elements in the path. The binding patterns in fedramp_values.jsonconsistently do not prepend o:. For example, these patterns in FedRAMP_extensions.json are incoonsistent:
What action would you like to see from the FedRAMP PMO?
Do not prepend o: in FedRAMP_extensions.json binding patterns. This would be consistent with fedramp_values.json. If prepending o: has value, then do so consistently.
Ensure all binding pattern paths are accurate (no // instances).
Other information (e.g. detailed explanation, related issues, suggestions how to fix, links for us to have context, eg. slack, gitter, etc)
The text was updated successfully, but these errors were encountered:
Forwarding on to @Rene2mt for review. Result of // being output is due to conversion from xml to json. More research is needed. Workaround: replace all occurences in json FedRAMP_extensions and FedRAMP_values with single slashes where appropriate.
This is a ...
This relates to ...
NOTE: For feedback related to the OSCAL syntax itself, please create or add to an issue in the NIST OSCAL Repository.
FedRAMP_extensions.json
fedramp_values.json
The pattern expressions in extension and constraint bindings are buggy and inconsistent. The inconsistency makes writing constrain validation automation needlessly difficult.
The binding patterns in
FedRAMP_extensions.json
inconsistently prependo:
to elements in the path. The binding patterns infedramp_values.json
consistently do not prependo:
. For example, these patterns inFedRAMP_extensions.json
are incoonsistent:component/o:prop[@name='public']
o:component/o:prop[@name='allows-authenticated-scan']/@value
The bindings property within the
response-point
extension contains the following pattern:{"pattern": "/o:catalog//o:control//o:part/o:prop"}
I believe the double backslash instances are an error. The pattern should be:
{"pattern": "/o:catalog/o:control/o:part/o:prop"}
No. This report is related to the binding constructs in
1.0.4
o:
inFedRAMP_extensions.json
binding patterns. This would be consistent withfedramp_values.json
. If prependingo:
has value, then do so consistently.//
instances).The text was updated successfully, but these errors were encountered: