Open
Conversation
commit 27abdb9 Author: Fritz Kunstler <dfk@amazon.com> Date: Thu Mar 26 22:37:27 2026 -0400 feat(oscal): Enhance POWER documentation and update container configuration - Add git strategy steering document for workspace-wide version control guidelines - Update Dockerfile CMD to use correct MCP server entry point (mcp-server-for-oscal) - Expand OSCAL POWER.md with comprehensive tool documentation and parameter specifications - Add detailed tools table with descriptions for all 12 available OSCAL tools - Include key parameter documentation for get_oscal_schema, validate_oscal_content, validate_oscal_file, query_component_definition, and get_capability - Update POWER.md description and keywords to reflect validation capabilities and component definition features - Enhance capabilities list with validation pipeline and component navigation features - Update mcp.json configuration for OSCAL power - Update project dependencies in pyproject.toml - Improve tools README documentation
…nning Implement tasks 1.1-2.1 of the scalable OSCAL store feature: - Add oscal_store_db_path, oscal_store_cache_size, oscal_documents_dir config fields (task 1.1) - Create OscalStore module with SQLite schema initialization, database mode resolution (bundled/persistent/ephemeral), and table/index creation (task 1.2) - Add unit tests for config fields and schema initialization (task 1.3) - Implement scan_directory() and _detect_model_type() with change detection, model_type_filter, and graceful handling of missing directories (task 2.1) All 455 tests pass on Python 3.11 and 3.12.
Implement tasks 2.2-4.6 of the scalable OSCAL store feature: - _ensure_indexed() and _extract_child_elements() for all 8 OSCAL model types (task 2.2) - LRU cache for parsed Trestle models with configurable size (task 2.3) - Property tests for model type detection and incremental re-indexing (tasks 2.4, 2.5) - Unified query() method with by_uuid, by_title, by_type, all modes (task 4.1) - list_documents() and list_child_elements() with pagination (task 4.2) - text_search() with FTS5 and LIKE fallback (task 4.3) - Property tests for pagination, UUID lookup, case-insensitive title search (tasks 4.4, 4.5, 4.6) All 528 tests pass on Python 3.11 and 3.12.
Implement tasks 6.1-6.3 of the scalable OSCAL store feature: - Backward-compatible MCP tool wrappers that delegate to OscalStore when available, falling back to legacy ComponentDefinitionStore (task 6.1) - New MCP tools for all OSCAL model types: catalogs, SSPs, profiles, assessment plans/results, POA&Ms, mapping collections, plus cross-model text search (task 6.2) - Tool registration in __init__.py and OscalStore initialization in main.py startup sequence (task 6.3) - Test isolation fixture to prevent OscalStore singleton leakage across test modules All 566 tests pass on Python 3.11 and 3.12.
…erty tests Implement tasks 6.4-8.5 of the scalable OSCAL store feature: - Property tests for backward-compatible return format and model type filtering (tasks 6.4, 6.5) - Build script bin/build_oscal_db.py for generating bundled SQLite DB with eager indexing and SHA-256 hashing (task 8.1) - build-db hatch script and pyproject.toml package data for oscal_store.db (task 8.2) - Bundled DB integrity verification at startup with fallback to ephemeral mode (task 8.3) - Property tests for bundled DB completeness and database mode resolution (tasks 8.4, 8.5) All 589 tests pass on Python 3.11 and 3.12.
…ests Implement tasks 10.1-11.2 of the scalable OSCAL store feature: - Property tests for document metadata round-trip, child element metadata persistence, child element type correctness, child element parent info, and FTS with model type scoping (tasks 10.1-10.5) - Backward compatibility verification for existing tests (task 11.1) - Integration tests for new MCP tools with multi-type document sets and cross-model text search (task 11.2) All 612 tests pass on Python 3.11 and 3.12. Feature complete.
Replace assert statements with proper runtime guards in production code (B101) and add nosec B608 annotations to parameterized SQL queries that use hardcoded WHERE clauses with ? placeholders. All 612 tests pass. No new bandit findings in feature code.
Add MappingCollection from trestle.oscal.mapping to TRESTLE_MODEL_MAP in both oscal_store.py and validate_oscal_content.py. The model was available in compliance-trestle but incorrectly commented out as unsupported. Mapping-collection documents are now validated and parsed like all other OSCAL model types. All 612 tests pass on Python 3.11 and 3.12.
… definition queries - Add offset and limit parameters to query_component_definition() and _oscal_store_query_component_definition() - Implement _paginate_component_response() helper to apply pagination to component results - Wrap capability responses with pagination metadata (offset=0, limit=1, total=1, hasMore=False) - Apply pagination consistently across both OscalStore and legacy query paths - Add comprehensive property-based tests validating pagination slice correctness and capability envelope wrapping - Update query_component_definition tool tests with pagination test cases - Add design document, requirements, and task specifications for pagination feature - Reuse existing paginate() utility from utils.py for consistent pagination behavior
… models - Add 12 list tools to expose child element queries for each OSCAL model type (catalog, SSP, profile, assessment plan, assessment results, POA&M, mapping collection) - Add get_child_element tool for retrieving full content of specific elements by identifier - Implement OscalStore.get_child_element() method to query child elements by UUID or token ID with optional parent document scoping - Add comprehensive test coverage for child element queries across all model types - Update tool registry and documentation with new query capabilities - Rename uuid field to id in API responses to reflect support for both UUID and token-based identifier schemes
…wn documentation (#96) - Add markdown file indexing to OscalStore with title extraction from headings - Implement search_documentation() method with FTS5 MATCH and LIKE fallback - Replace query_local() stub with working documentation search via OscalStore - Upgrade file change detection from mtime+size to SHA-256 content hashing - Add content_hash column to documents table with migration support - Make query_oscal_documentation tool unconditionally available with KB fallback - Wire OscalStore initialization in main.py to scan oscal_docs/ directory - Add comprehensive tests for local documentation search functionality - Enables agents to search local OSCAL documentation without external KB dependency
#96) - Add recursive group traversal to extract controls at all nesting levels in catalogs - Extract controls from nested groups (catalog.groups[].controls[]) and deeply nested groups (catalog.groups[].groups[].controls[]) - Update _extract_child_elements() to walk group hierarchy and index all identified elements - Add comprehensive test coverage for nested catalog control extraction and preservation of existing behavior - Add bugfix specification and design documentation for nested catalog controls issue - Ensures all elements with IDs are individually queryable via list_catalog_controls(), text_search_oscal(), and get_child_element()
- Add MagicMock to gitignore to prevent test mock objects from being tracked - Add examples directory to gitignore to keep example files out of version control
- Move oscal_docs/ and component_definitions/ from src/ to top-level data/ directory - Update pyproject.toml to exclude data/ from wheel (keep in sdist for source builds) - Remove startup integrity verification for oscal_docs and component_definitions - Remove scan_directory calls for bundled content in main.py and oscal_agent.py - Update bin/build_oscal_db.py to read source content from data/ paths - Reduce wheel size by eliminating redundant raw content (pre-built DB is sole runtime source) - Update tests to reflect new directory structure and removed startup scans
- Replace AWS component definitions v0.1.0 with v0.2.0 OSCAL content archive - Update download script to use GitHub archive URL instead of releases endpoint - Adjust extraction path to match new archive structure (oscal-content-for-aws-services-0.2.0) - Add error handling with exit codes to update-aws-cdefs.sh script - Include catalogs in JSON whitespace removal alongside component definitions - Update all hash files to reflect new content versions and commit references - Update .gitignore to reference data/component_definitions instead of src path - Add MagicMock to .kiroignore and temporary concepts directory to .gitignore
…ding - Add `seed_from_bundled` boolean parameter to `OscalStore.__init__()` with default `True` - Update `_resolve_persistent()` to check `seed_from_bundled` before copying bundled database - Modify `build_db()` to pass `seed_from_bundled=False` for clean database builds - Update `build_oscal_db.py` to ensure fresh databases contain only scanned documents - Add comprehensive test coverage for bundled seeding behavior and edge cases - Update project configuration and dependencies in `pyproject.toml` - Add specification documents (bugfix, design, tasks) for build-db bundled seeding workflow - Fixes `test_build_db_empty_directories` failure and release automation pipeline breakage
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The MCP Server for OSCAL currently supports only Component Definition documents via a
ComponentDefinitionStorethat loads all data eagerly into memory at module import time. This approach does not scale to tens of thousands of OSCAL documents and does not support other OSCAL model types (catalogs, profiles, SSPs, assessment plans, assessment results, POA&Ms). This feature replaces the monolithic in-memory store with a scalable, multi-model OSCAL store backed by SQLite, supporting lazy loading, efficient indexing, text search, and a unified query interface across all OSCAL model types.By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.