Update Publish branch with the latest updates to ensure SSVC newer version of schema is available. (#760)

* Convert cwes list to markdown with fewer rows and columns (#737)

* Update verbiage because we have a list of CWE-IDs per issue 529.

* Clean CWE-IDs list to only exploit_possible=yes, eliminate need for side scrolling, add hyperlinks, and create a markdown version of the csv per issues 530 and 713.

* markdown lint

* Fix broken link to cwe examples and remove cwe csvs file to enforce a single source of truth.

* Make the linkchecker happy

* Really fix links this time

* Replace `Track*`/`Track *` with `Monitor` in CISA-based decision model (#738)

* change type hints on OutcomeGroup class

* black reformat

* replace `Track *` with `Monitor`

* carve a new version of CISA OutcomeGroup to reflect `Track *` -> `Monitor`

* replace `Track*` with `Monitor` in json

* replace CISA.json with Monitor outcome value

* more substitutions

* Revert "Replace `Track*`/`Track *` with `Monitor` in CISA-based decision mode…" (#741)

This reverts commit a54f999.

* Bump markdown-exec from 1.10.0 to 1.10.1 (#746)

Bumps [markdown-exec](https://github.com/pawamoy/markdown-exec) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/pawamoy/markdown-exec/releases)
- [Changelog](https://github.com/pawamoy/markdown-exec/blob/main/CHANGELOG.md)
- [Commits](pawamoy/markdown-exec@1.10.0...1.10.1)

---
updated-dependencies:
- dependency-name: markdown-exec
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump the mkdocs group with 6 updates (#747)

Bumps the mkdocs group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [mkdocs-bibtex](https://github.com/shyamd/mkdocs-bibtex) | `4.2.2` | `4.2.3` |
| [mkdocs-include-markdown-plugin](https://github.com/mondeja/mkdocs-include-markdown-plugin) | `7.1.4` | `7.1.5` |
| [mkdocs-material](https://github.com/squidfunk/mkdocs-material) | `9.6.7` | `9.6.9` |
| [mkdocstrings](https://github.com/mkdocstrings/mkdocstrings) | `0.28.2` | `0.29.0` |
| [mkdocstrings-python](https://github.com/mkdocstrings/python) | `1.16.2` | `1.16.5` |
| [mkdocs-print-site-plugin](https://github.com/timvink/mkdocs-print-site-plugin) | `2.6.0` | `2.7.1` |


Updates `mkdocs-bibtex` from 4.2.2 to 4.2.3
- [Release notes](https://github.com/shyamd/mkdocs-bibtex/releases)
- [Commits](shyamd/mkdocs-bibtex@v4.2.2...v4.2.3)

Updates `mkdocs-include-markdown-plugin` from 7.1.4 to 7.1.5
- [Release notes](https://github.com/mondeja/mkdocs-include-markdown-plugin/releases)
- [Commits](mondeja/mkdocs-include-markdown-plugin@v7.1.4...v7.1.5)

Updates `mkdocs-material` from 9.6.7 to 9.6.9
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](squidfunk/mkdocs-material@9.6.7...9.6.9)

Updates `mkdocstrings` from 0.28.2 to 0.29.0
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/mkdocstrings@0.28.2...0.29.0)

Updates `mkdocstrings-python` from 1.16.2 to 1.16.5
- [Release notes](https://github.com/mkdocstrings/python/releases)
- [Changelog](https://github.com/mkdocstrings/python/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/python@1.16.2...1.16.5)

Updates `mkdocs-print-site-plugin` from 2.6.0 to 2.7.1
- [Release notes](https://github.com/timvink/mkdocs-print-site-plugin/releases)
- [Commits](timvink/mkdocs-print-site-plugin@v2.6.0...v2.7.1)

---
updated-dependencies:
- dependency-name: mkdocs-bibtex
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: mkdocs
- dependency-name: mkdocs-include-markdown-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: mkdocs
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: mkdocs
- dependency-name: mkdocstrings
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: mkdocs
- dependency-name: mkdocstrings-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: mkdocs
- dependency-name: mkdocs-print-site-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: mkdocs
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add `mdlint_fix` target to Makefile (#744)

* pin changed-files action to specific sha1 (#750)

* Add NameSpace Enum (#749)

* add a namespace Enum along with a pydantic dataclass validator to enforce it

Valid = str in enum OR str.startswith("x_")

* add validator to _Namespaced mixin class

* refactor base classes to use NameSpace enum values

* add optional "x_" prefix as valid namespace pattern

* update unit tests

* add docstrings

* bump python test version to 3.12

* update the regex pattern for namespaces, add validation to pydantic field

* refactor namespace validation methods

* add unit tests

* simplify regex to avoid inefficiencies

* add length requirements to namespace patterns and fields

* refactor regex again

* add docstrings

* add docs, update docstrings

* Update Decision_Point-1-0-1.schema.json

Modify Namespace information and examples as wel..

* Update Decision_Point-1-0-1.schema.json

Matching x_custom/extension as examples for schema docs.

* we shouldn't mention nciss yet as it's still a draft PR

* missed an nciss

---------

Co-authored-by: Vijay Sarvepalli <[email protected]>

* Refactor SsvcDecisionPoint base class mixins (#743)

* create a `_Valued` mixin

* add `_Valued` mixin to base decision point class. Also reorder mixins to adjust default json output key order

* update json examples to reflect new base class mixin ordering

* add len() to _Valued mixin

* add tests

* Bump tj-actions/changed-files from 46.0.1 to 46.0.3 (#757)

Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 46.0.1 to 46.0.3.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](tj-actions/changed-files@2f7c5bf...823fceb)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump markdown-exec from 1.10.1 to 1.10.2 (#756)

Bumps [markdown-exec](https://github.com/pawamoy/markdown-exec) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/pawamoy/markdown-exec/releases)
- [Changelog](https://github.com/pawamoy/markdown-exec/blob/main/CHANGELOG.md)
- [Commits](pawamoy/markdown-exec@1.10.1...1.10.2)

---
updated-dependencies:
- dependency-name: markdown-exec
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump mkdocstrings-python from 1.16.5 to 1.16.8 in the mkdocs group (#755)

Bumps the mkdocs group with 1 update: [mkdocstrings-python](https://github.com/mkdocstrings/python).


Updates `mkdocstrings-python` from 1.16.5 to 1.16.8
- [Release notes](https://github.com/mkdocstrings/python/releases)
- [Changelog](https://github.com/mkdocstrings/python/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/python@1.16.5...1.16.8)

---
updated-dependencies:
- dependency-name: mkdocstrings-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: mkdocs
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Allen D. Householder <[email protected]>
Co-authored-by: sei-renae <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: 4 people

.github/workflows/lint_md_changes.yml

@@ -16,7 +16,7 @@ jobs:
     - uses: actions/checkout@v4
       with:
         fetch-depth: 0
-    - uses: tj-actions/changed-files@v45
+    - uses: tj-actions/changed-files@823fcebdb31bb35fdf2229d9f769b400309430d0
       id: changed-files
       with:
         files: '**/*.md'

.github/workflows/python-app.yml

@@ -21,10 +21,10 @@ jobs:
     - uses: actions/checkout@v4
       with:
         fetch-tags: true
-    - name: Set up Python 3.10
+    - name: Set up Python 3.12
       uses: actions/setup-python@v5
       with:
-        python-version: "3.10"
+        python-version: "3.12"
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip

Makefile

@@ -17,6 +17,10 @@ DOCS_IMAGE = $(PFX)_docs
 
 all: help
 
+mdlint_fix:
+	@echo "Running markdownlint..."
+	markdownlint --config .markdownlint.yml --fix .
+
 dockerbuild_test:
 	@echo "Building the test Docker image..."
 	$(DOCKER_BUILD) --target $(TEST_DOCKER_TARGET) --tag $(TEST_IMAGE) .
@@ -46,6 +50,7 @@ help:
 	@echo ""
 	@echo "Targets:"
 	@echo " all         - Display this help message"
+	@echo " mdlint_fix  - Run markdownlint with --fix"
 	@echo " docs        - Build and run the docs Docker image"
 	@echo " docker_test - Build and run the test Docker image"
 	@echo ""

data/csvs/cwe/possible-cwe-with-poc-examples.csv

@@ -1,10 +1,10 @@
 {
+  "name": "Automatable",
+  "description": "Can an attacker reliably automate creating exploitation events for this vulnerability?",
   "namespace": "ssvc",
   "version": "2.0.0",
   "schemaVersion": "1-0-1",
   "key": "A",
-  "name": "Automatable",
-  "description": "Can an attacker reliably automate creating exploitation events for this vulnerability?",
   "values": [
     {
       "key": "N",

data/json/decision_points/automatable_2_0_0.json

@@ -1,10 +1,10 @@
 {
+  "name": "Access Complexity",
+  "description": "This metric measures the complexity of the attack required to exploit the vulnerability once an attacker has gained access to the target system.",
   "namespace": "cvss",
   "version": "1.0.0",
   "schemaVersion": "1-0-1",
   "key": "AC",
-  "name": "Access Complexity",
-  "description": "This metric measures the complexity of the attack required to exploit the vulnerability once an attacker has gained access to the target system.",
   "values": [
     {
       "key": "L",

data/json/decision_points/cvss/access_complexity_1_0_0.json

@@ -1,10 +1,10 @@
 {
+  "name": "Access Complexity",
+  "description": "This metric measures the complexity of the attack required to exploit the vulnerability once an attacker has gained access to the target system.",
   "namespace": "cvss",
   "version": "2.0.0",
   "schemaVersion": "1-0-1",
   "key": "AC",
-  "name": "Access Complexity",
-  "description": "This metric measures the complexity of the attack required to exploit the vulnerability once an attacker has gained access to the target system.",
   "values": [
     {
       "key": "L",

data/json/decision_points/cvss/access_complexity_2_0_0.json

@@ -1,10 +1,10 @@
 {
+  "name": "Access Vector",
+  "description": "This metric measures whether or not the vulnerability is exploitable locally or remotely.",
   "namespace": "cvss",
   "version": "1.0.0",
   "schemaVersion": "1-0-1",
   "key": "AV",
-  "name": "Access Vector",
-  "description": "This metric measures whether or not the vulnerability is exploitable locally or remotely.",
   "values": [
     {
       "key": "L",

data/json/decision_points/cvss/access_vector_1_0_0.json

@@ -1,10 +1,10 @@
 {
+  "name": "Access Vector",
+  "description": "This metric reflects the context by which vulnerability exploitation is possible.",
   "namespace": "cvss",
   "version": "2.0.0",
   "schemaVersion": "1-0-1",
   "key": "AV",
-  "name": "Access Vector",
-  "description": "This metric reflects the context by which vulnerability exploitation is possible.",
   "values": [
     {
       "key": "L",

data/json/decision_points/cvss/access_vector_2_0_0.json

@@ -1,10 +1,10 @@
 {
+  "name": "Attack Complexity",
+  "description": "This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability.",
   "namespace": "cvss",
   "version": "3.0.0",
   "schemaVersion": "1-0-1",
   "key": "AC",
-  "name": "Attack Complexity",
-  "description": "This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability.",
   "values": [
     {
       "key": "L",