chore(main): release 0.15.0

[complytime-release-bot]

🤖 I have created a release beep boop

0.15.0 (2026-05-11)

Features

• CPLYTM-1019 update the placeholders (b4cfe2f)
• CPLYTM-1019 update the placeholders (8ff602f)
• CPLYTM-968 retain only the params for the first rule (6d09c25)
• CPLYTM-968 retain only the params for the first rule (1f8535e)
• ci: sync ci security checks (4960f58)
• ci: sync ci security checks (29417fb)
• CPLYTM-1129 - reusable workflow for dependencies reviews (762e69e)
• CPLYTM-805 rename trestlebot to complyscribe (9446a17)
• include ruff linter with megalinter (0394974)
• introduce ruff linter (8dfc9b1)
• rename trestlebot to complyscribe in source code and tests (f7d39da)
• reusable workflow for dependencies reviews (f0785a8)

Bug Fixes

• CPLYTM-894 expend the benchmark root for ocp4 (2434952)
• CPLYTM-894 expend the benchmark root for ocp4 (36fc1c4)
• [CPLYTM-910] fix error in ospp transfer (b6f90e5)
• [CPLYTM-910] fix error in ospp transfer (e42398c)
• add click as a direct dependency (e3cf5ef)
• add click as a direct dependency (b0e0305)
• align trivy-action pin comment with dependabot convention (64dfb09)
• align trivy-action pin comment with dependabot convention (c6393f1)
• CPLYTM-838 Load CaC content product_properties dir when processing rule (70d9900)
• CPLYTM-886 Not remove unselected rule when sync OSCAL to CaC content (6c9b2bb)
• Fix integration test failure (0e055ce)
• fix several deprecated warnings (6a54c3a)
• Load all controls from OSCAL catalog when sync OSCL CD to CaC (e8c1570)
• PytestUnknownMarkWarning: Unknown pytest.mark.integration (aafebfa)
• rename github org to complytime (f150e68)
• resolve 5 HIGH Trivy misconfiguration findings (cd7142e)
• resolve 5 HIGH Trivy misconfiguration findings (5a5bcc0)
• resolve pre-existing megalinter YAML and Dockerfile lint errors (7da8ca1)
• restore yamllint ignore for Jinja-templated YAML files (1c1601d)
• security: replace eval with bash arrays in action entrypoints (58c11f4)
• security: replace eval with bash arrays in action entrypoints (699eb04)
• update black to 26.3.1 to resolve security vulnerability (a41853b)
• update cryptography to 46.0.5 to resolve security vulnerability (c49b5ee)
• update cryptography to resolve security vulnerability (390d97a)
• update filelock to 3.29.0 to resolve security vulnerabilities (d54dfb4)
• update nltk to 3.9.4 to resolve security vulnerabilities (5e50b65)
• update orjson to 3.11.8 to resolve security vulnerability (c1d1677)
• update Pygments to 2.20.0 to resolve security vulnerability (c0e35b8)
• update PyJWT to 2.12.1 to resolve security vulnerability (8a006fd)
• update PyNaCl to 1.6.2 to resolve security vulnerability (1f48d05)
• update pytest to 9.0.3 to resolve security vulnerability (067699d)
• Update sonar projectKey (145e878)
• update vulnerable dependencies to resolve security advisories (d271f20)
• Update workflow sonar projectKey parameter due to rename (d77a879)
• use dnf consistently in devcontainer to resolve DS-0017 (1789fa9)

Maintenance

• 'parse_obj' deprecated in Pydantic V2.0 (3910cda)
• [CPLYTM-884] add squash multiple commits script (273f593)
• [CPLYTM-884] add squash multiple commits script (033e10d)
• [CPLYTM-957] add auto review workflow (7011e45)
• [CPLYTM-967] correct the compd version in CI (0260e49)
• [CPLYTM-967] correct the compd version in CI (2bbf8fa)
• add auto review workflow (8ffbf2c)
• Add style guide (54dc74b)
• add the fedora to the redhat product list (f6c8e6d)
• add the fedora to the RHEL product list (09983fc)
• add vulnerability check (3a28bc1)
• add vulnerability check workflow (44a965f)
• BaseCommand' is deprecated and will be removed in Click 9.0 (6d7c2f0)
• bump setup-node fixing trailing space (705e4ac)
• bump setup-node fixing trailing space (1e38c2e)
• comment srg_gpos from rhel10 that can't sync content (03c9005)
• comment srg_gpos from rhel10 that can't sync content (5d4eb60)
• CPLYTM-1359 sandardize sonarqube CI (58501f6)
• CPLYTM-807 update sonarcloud project name (025f65b)
• CPLYTM-915 drop support for Python 3.8, update dependency (83ba685)
• dependabot settings and auto review process (83c7e57)
• deps-dev: Bump authlib from 1.6.0 to 1.6.5 in the pip group across 1 directory (19cef98)
• deps-dev: bump authlib from 1.6.5 to 1.6.6 in the pip group across 1 directory (94a0da0)
• deps-dev: bump authlib from 1.6.6 to 1.6.7 in the pip group across 1 directory (dc4075b)
• deps-dev: bump authlib from 1.6.7 to 1.6.9 in the pip group across 1 directory (dc8b429)
• deps-dev: bump authlib from 1.6.9 to 1.6.11 in the pip group across 1 directory (81cb337)
• deps-dev: bump authlib in the pip group across 1 directory (611bdcb)
• deps-dev: bump authlib in the pip group across 1 directory (645b5bc)
• deps-dev: bump authlib in the pip group across 1 directory (24307d5)
• deps-dev: bump authlib in the pip group across 1 directory (69b8a61)
• deps-dev: Bump authlib in the pip group across 1 directory (f6bccc0)
• deps-dev: bump black from 24.10.0 to 25.1.0 (4ec5db6)
• deps-dev: bump black from 24.10.0 to 25.1.0 (e14ade3)
• deps-dev: Bump black from 25.1.0 to 25.9.0 (887c494)
• deps-dev: Bump black from 25.1.0 to 25.9.0 (dafca73)
• deps-dev: bump black from 25.9.0 to 25.11.0 (6c98f62)
• deps-dev: bump black from 25.9.0 to 25.11.0 (49860e4)
• deps-dev: Bump isort from 5.13.2 to 6.1.0 (f6d8382)
• deps-dev: Bump isort from 5.13.2 to 6.1.0 (2589f6c)
• deps-dev: bump lxml from 6.0.0 to 6.1.0 in the pip group across 1 directory (d27a1a8)
• deps-dev: bump lxml in the pip group across 1 directory (3847db0)
• deps-dev: Bump mkdocs-include-markdown-plugin from 7.1.6 to 7.1.7 (5c245b6)
• deps-dev: Bump mkdocs-include-markdown-plugin from 7.1.6 to 7.1.7 (a076d72)
• deps-dev: Bump mkdocs-include-markdown-plugin from 7.1.7 to 7.2.0 (3a69906)
• deps-dev: Bump mkdocs-include-markdown-plugin from 7.1.7 to 7.2.0 (b50281f)
• deps-dev: bump mkdocs-include-markdown-plugin from 7.2.0 to 7.2.1 (f9412b9)
• deps-dev: bump mkdocs-include-markdown-plugin from 7.2.0 to 7.2.1 (830a2ef)
• deps-dev: bump mkdocs-include-markdown-plugin from 7.2.1 to 7.2.2 (8c224d6)
• deps-dev: bump mkdocs-include-markdown-plugin from 7.2.1 to 7.2.2 (300239c)
• deps-dev: bump mkdocs-material from 9.6.12 to 9.6.14 (06e6ced)
• deps-dev: bump mkdocs-material from 9.6.12 to 9.6.14 (990f228)
• deps-dev: bump mkdocs-material from 9.6.15 to 9.6.16 (7b1e357)
• deps-dev: bump mkdocs-material from 9.6.15 to 9.6.16 (5589c7b)
• deps-dev: Bump mkdocs-material from 9.6.16 to 9.6.18 (8de7c86)
• deps-dev: Bump mkdocs-material from 9.6.16 to 9.6.18 (b9cb248)
• deps-dev: Bump mkdocs-material from 9.6.18 to 9.6.19 (3861662)
• deps-dev: Bump mkdocs-material from 9.6.18 to 9.6.19 (96c5095)
• deps-dev: Bump mkdocs-material from 9.6.19 to 9.6.20 (e5585bd)
• deps-dev: Bump mkdocs-material from 9.6.19 to 9.6.20 (9bc9676)
• deps-dev: Bump mkdocs-material from 9.6.20 to 9.6.21 (f0453c0)
• deps-dev: Bump mkdocs-material from 9.6.20 to 9.6.21 (876220c)
• deps-dev: Bump mkdocs-material from 9.6.21 to 9.6.22 (0a703d8)
• deps-dev: Bump mkdocs-material from 9.6.21 to 9.6.22 (be3a86a)
• deps-dev: bump mkdocs-material from 9.6.22 to 9.6.23 (49c4d40)
• deps-dev: bump mkdocs-material from 9.6.22 to 9.6.23 (87b9782)
• deps-dev: bump mkdocs-material from 9.6.23 to 9.7.0 (584111f)
• deps-dev: bump mkdocs-material from 9.6.23 to 9.7.0 (0febbe9)
• deps-dev: bump mkdocs-material from 9.7.0 to 9.7.1 (f00b522)
• deps-dev: bump mkdocs-material from 9.7.0 to 9.7.1 (fe5492d)
• deps-dev: bump mkdocs-material from 9.7.1 to 9.7.6 (34c6f0e)
• deps-dev: bump mkdocs-material from 9.7.1 to 9.7.6 (9e9e022)
• deps-dev: bump mypy from 1.17.0 to 1.17.1 (abaddf4)
• deps-dev: bump mypy from 1.17.0 to 1.17.1 (ffda4f5)
• deps-dev: Bump mypy from 1.17.1 to 1.18.1 (2de62ce)
• deps-dev: Bump mypy from 1.17.1 to 1.18.1 (6be83d9)
• deps-dev: Bump mypy from 1.18.1 to 1.18.2 (5854b8b)
• deps-dev: Bump mypy from 1.18.1 to 1.18.2 (c37a9b7)
• deps-dev: bump mypy from 1.18.2 to 1.19.1 (cea4cf8)
• deps-dev: bump mypy from 1.18.2 to 1.19.1 (8e11acf)
• deps-dev: bump nltk from 3.9.1 to 3.9.2 in the pip group across 1 directory (7eb1150)
• deps-dev: bump nltk in the pip group across 1 directory (2aa448c)
• deps-dev: bump pre-commit from 3.8.0 to 4.2.0 (cdd85c9)
• deps-dev: bump pre-commit from 3.8.0 to 4.2.0 (aebfa53)
• deps-dev: Bump pre-commit from 4.2.0 to 4.3.0 (bd322b4)
• deps-dev: Bump pre-commit from 4.2.0 to 4.3.0 (123eced)
• deps-dev: bump pymdown-extensions (b93c032)
• deps-dev: bump pymdown-extensions from 10.16 to 10.16.1 in the pip group across 1 directory (f754e78)
• deps-dev: Bump pytest from 8.4.1 to 8.4.2 (f4cd67e)
• deps-dev: Bump pytest from 8.4.1 to 8.4.2 (7d3e0ab)
• deps-dev: bump pytest from 8.4.2 to 9.0.3 in the pip group across 1 directory (6710653)
• deps-dev: bump pytest in the pip group across 1 directory (4715c40)
• deps-dev: bump pytest-cov from 5.0.0 to 6.2.1 (1102480)
• deps-dev: bump pytest-cov from 5.0.0 to 6.2.1 (46a6462)
• deps-dev: Bump pytest-cov from 6.2.1 to 6.3.0 (0e22e5f)
• deps-dev: Bump pytest-cov from 6.2.1 to 6.3.0 (5bc2b5d)
• deps-dev: Bump pytest-cov from 6.3.0 to 7.0.0 (602a0ef)
• deps-dev: Bump pytest-cov from 6.3.0 to 7.0.0 (1dd6ba2)
• deps-dev: bump pytest-cov from 7.0.0 to 7.1.0 (12caaca)
• deps-dev: bump pytest-cov from 7.0.0 to 7.1.0 (79801c4)
• deps-dev: Bump responses from 0.25.7 to 0.25.8 (26b629b)
• deps-dev: Bump responses from 0.25.7 to 0.25.8 (2727522)
• deps-dev: bump responses from 0.25.8 to 0.26.0 (03e4205)
• deps-dev: bump responses from 0.25.8 to 0.26.0 (0d5a0d2)
• deps-dev: Bump safety from 3.2.9 to 3.2.11 (e71a1ce)
• deps-dev: Bump safety from 3.2.9 to 3.2.11 (ad21711)
• deps-dev: bump safety from 3.6.2 to 3.7.0 (0bad021)
• deps-dev: bump safety from 3.6.2 to 3.7.0 (587f70c)
• deps-dev: Bump types-pyyaml (a1a4736)
• deps-dev: Bump types-pyyaml (e722329)
• deps-dev: Bump types-pyyaml (ef06d84)
• deps-dev: Bump types-pyyaml from 6.0.12.20250516 to 6.0.12.20250809 (7609fc0)
• deps-dev: Bump types-pyyaml from 6.0.12.20250809 to 6.0.12.20250822 (380c408)
• deps-dev: Bump types-pyyaml from 6.0.12.20250822 to 6.0.12.20250915 (2081253)
• deps-dev: bump virtualenv from 20.32.0 to 20.36.1 in the pip group across 1 directory (419ca91)
• deps-dev: bump virtualenv in the pip group across 1 directory (f879007)
• deps: bump compliance-trestle from 3.10.4 to 3.11.0 (547fcfd)
• deps: bump compliance-trestle from 3.10.4 to 3.11.0 (73adada)
• deps: Bump compliance-trestle from 3.9.1 to 3.9.2 (b939af1)
• deps: Bump compliance-trestle from 3.9.1 to 3.9.2 (75e1144)
• deps: bump compliance-trestle from 3.9.2 to 3.9.3 (bdc6c27)
• deps: bump compliance-trestle from 3.9.2 to 3.9.3 (01ddd57)
• deps: bump compliance-trestle from 3.9.3 to 3.10.4 (46ebc32)
• deps: bump compliance-trestle from 3.9.3 to 3.10.4 (d474af0)
• deps: bump gitpython from 3.1.44 to 3.1.45 (ade3f5f)
• deps: bump gitpython from 3.1.44 to 3.1.45 (230a3ee)
• deps: bump gitpython from 3.1.45 to 3.1.46 (83dfb3a)
• deps: bump gitpython from 3.1.45 to 3.1.46 (e74566a)
• deps: bump gitpython from 3.1.46 to 3.1.47 (5255c5c)
• deps: bump gitpython from 3.1.46 to 3.1.47 (fac6a63)
• deps: bump gitpython from 3.1.47 to 3.1.50 (c81b3db)
• deps: bump gitpython from 3.1.47 to 3.1.50 (cee73e4)
• deps: bump https://github.com/returntocorp/semgrep (25d1aff)
• deps: bump https://github.com/returntocorp/semgrep (630e1d8)
• deps: bump https://github.com/returntocorp/semgrep from v1.160.0 to 1.161.0 (3a64f06)
• deps: bump https://github.com/returntocorp/semgrep from v1.51.0 to 1.160.0 (8e9ea78)
• deps: bump orjson from 3.11.0 to 3.11.5 in the pip group across 1 directory (de5cc32)
• deps: bump orjson in the pip group across 1 directory (d05aefb)
• deps: Bump pydantic from 2.11.10 to 2.12.0 (2f46501)
• deps: Bump pydantic from 2.11.10 to 2.12.0 (2e8ab53)
• deps: Bump pydantic from 2.11.7 to 2.11.9 (f81bd24)
• deps: Bump pydantic from 2.11.7 to 2.11.9 (f094a3f)
• deps: Bump pydantic from 2.11.9 to 2.11.10 (76fb14a)
• deps: Bump pydantic from 2.11.9 to 2.11.10 (291bb85)
• deps: Bump pydantic from 2.12.0 to 2.12.3 (e75421e)
• deps: Bump pydantic from 2.12.0 to 2.12.3 (7ec744b)
• deps: bump pydantic from 2.12.3 to 2.12.4 (6cd938d)
• deps: bump pydantic from 2.12.3 to 2.12.4 (94f692d)
• deps: bump pydantic from 2.12.4 to 2.12.5 (de2b4ae)
• deps: bump pydantic from 2.12.4 to 2.12.5 (2a801b4)
• deps: bump pydantic from 2.12.5 to 2.13.3 (9c17a49)
• deps: bump pydantic from 2.12.5 to 2.13.3 (7e2e9c3)
• deps: bump pydantic from 2.13.3 to 2.13.4 (ec69572)
• deps: bump pydantic from 2.13.3 to 2.13.4 (c345a41)
• deps: bump pydantic from 2.9.2 to 2.11.7 (43da9ab)
• deps: bump pydantic from 2.9.2 to 2.11.7 (17ac644)
• deps: bump python-gitlab from 4.13.0 to 6.2.0 (b19c33a)
• deps: bump python-gitlab from 4.13.0 to 6.2.0 (a9081dd)
• deps: Bump python-gitlab from 6.2.0 to 6.3.0 (9b729c5)
• deps: Bump python-gitlab from 6.2.0 to 6.3.0 (b7f961b)
• deps: Bump python-gitlab from 6.3.0 to 6.4.0 (a57f3ed)
• deps: Bump python-gitlab from 6.3.0 to 6.4.0 (4b1cf4f)
• deps: Bump python-gitlab from 6.4.0 to 6.5.0 (bfd0e3a)
• deps: Bump python-gitlab from 6.4.0 to 6.5.0 (0cb62ea)
• deps: bump requests from 2.32.3 to 2.32.4 in the pip group (dd44060)
• deps: bump requests from 2.32.3 to 2.32.4 in the pip group (27ff45a)
• deps: bump ruamel-yaml from 0.18.10 to 0.18.12 (2976198)
• deps: bump ruamel-yaml from 0.18.10 to 0.18.12 (6df5e2f)
• deps: bump ruamel-yaml from 0.18.12 to 0.18.13 (25de0fa)
• deps: bump ruamel-yaml from 0.18.12 to 0.18.13 (07706c4)
• deps: bump ruamel-yaml from 0.18.13 to 0.18.14 (9b3c050)
• deps: bump ruamel-yaml from 0.18.13 to 0.18.14 (810b7bc)
• deps: Bump ruamel-yaml from 0.18.14 to 0.18.15 (e7985af)
• deps: Bump ruamel-yaml from 0.18.14 to 0.18.15 (067e5aa)
• deps: bump ruamel-yaml from 0.18.15 to 0.18.16 (7a4b6c5)
• deps: bump ruamel-yaml from 0.18.15 to 0.18.16 (d437612)
• deps: bump ruamel-yaml from 0.18.16 to 0.18.17 (9dff013)
• deps: bump ruamel-yaml from 0.18.16 to 0.18.17 (2b45001)
• deps: bump ruamel-yaml from 0.18.17 to 0.19.1 (89685d2)
• deps: bump ruamel-yaml from 0.18.17 to 0.19.1 (882bbad)
• deps: bump the pip group across 1 directory with 3 updates (340632d)
• deps: bump the pip group across 1 directory with 3 updates (ee04f48)
• deps: bump urllib3 from 2.5.0 to 2.6.0 in the pip group across 1 directory (d8ee335)
• deps: bump urllib3 from 2.6.0 to 2.6.3 in the pip group across 1 directory (4f6454d)
• deps: bump urllib3 in the pip group across 1 directory (f59d7ab)
• deps: bump urllib3 in the pip group across 1 directory (70fb4ff)
• drop Python 3.9 support, require Python 3.10+ (4ea6b75)
• drop Python 3.9 support, require Python 3.10+ (c17672c)
• fix B007 from flake8-bugbear (4c3d3ea)
• fix lint issues in yaml files (3d5abaa)
• fix lint issues in yaml files (e04bd5e)
• improve vuln-check in makefile (cc035bd)
• improve vuln-check in makefile (39ff91e)
• link issue for spaces in list (949bba3)
• main: release 0.14.0 (8c20402)
• main: release 0.14.0 (3c46c4b)
• prepare repository for archival (31ea01a)
• prepare repository for archival (ac3c5bd)
• remove gemini review (4c3045f)
• remove gemini review (6baf615)
• remove no longer necessary workflows (4395772)
• remove no longer needed workflows (1c3fb93)
• rename local ci and remove duplicate megalinter (faaf04b)
• resolve pre-existing megalinter lint errors (2d06986)
• sandardize sonarqube CI (2fa5f55)
• sync repository standards (9510c85)
• sync repository standards (a54b5fd)
• sync repository standards (d8e2070)
• sync repository standards (4ced2ce)
• sync repository standards (a6d71da)
• sync repository standards (8e7d71d)
• update sonar project key in readme badges (f095260)
• update sonar project key in readme badges (62c8cc1)
• update sonarcloud project name (5a98d4f)
• update sonarqube-scan-action (313150c)
• update sonarqube-scan-action (89a4fe9)
• Update ssg version, adjust test according to ssg change (b4dc7f8)

---

This PR was generated with Release Please. See documentation.

[marcusburghardt]

https://github.com/complytime/complyscribe/releases/tag/v0.14.0 was the final release.