You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: documentation/versioning-policy/index.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -38,7 +38,7 @@ CybOX Objects are versioned independently of each other and independently of the
38
38
Most Object schemas will probably remain unchanged across revisions of the CybOX Language, with both the old and new version of the CybOX Language supporting the same version of the Object schema.In most cases where an Object schema is revised, the new versions of the Object schema is released simultaneously with a new release of the CybOX Language, although the Object’s schema version will differ from the CybOX Language version.
39
39
40
40
On rare occasions, a new version of a CybOX Object schema might be released outside of a release of the CybOX Language. However, this new version of the CybOX Object is not associated with any version of the CybOX Language until there is a new CybOX Language release that utilizes this new Object schema.
41
-
Tools that support a given version of the CybOX Language are not required to support every type of CybOX Object associated with that version of the CybOX language. However, for CybOX Objects that such tools do support, they must support the specific version of those Objects associated with the supported version of the CybOX Language. Tools may support older and/or newer versions of those same Objects, but are not required to do so.
41
+
Tools that support a given version of the CybOX Language are not required to support every type of CybOX Object associated with that version of the CybOX Language. However, for CybOX Objects that such tools do support, they must support the specific version of those Objects associated with the supported version of the CybOX Language. Tools may support older and/or newer versions of those same Objects, but are not required to do so.
42
42
43
43
Note that, in CybOX, objects are considered extension points. As such, authors can utilize custom CybOX Objects other than those associated by a given release. However, this is considered to be a customized use of the CybOX Language and compatibility is not guaranteed. Any use of a CybOX Object version other than the specific version associated with a particular CybOX Language release (i.e., an Object that is either an earlier version or a later version) is considered a customized use of CybOX with the associated compatibility risks.
44
44
@@ -49,7 +49,7 @@ Any individual CybOX vocabulary may be revised at any time, including between re
49
49
50
50
To facilitate this, each version of a given controlled vocabulary (an XML SimpleType that resolves to an enumeration) is assigned a different version number. An individual vocabulary has a Major and Minor version number, but no Update number. For a vocabulary:
51
51
52
-
* A "Minor revision" is associated with the addition of one or more terms to the vocabulary. Thus any content created using the previous version of the vocabulary is still valid using the new vocabulary.
52
+
* A "Minor revision" is associated with the addition of one or more terms to the vocabulary. Thus, any content created using the previous version of the vocabulary is still valid using the new vocabulary.
53
53
* A "Major revision" is associated with the removal or modification of one or more terms in the vocabulary (possibly along with the addition of one or more other terms). Thus, some content using the old vocabulary might no longer be valid when using the new vocabulary. When the Major version number is incremented, the Minor number is set to 0.
54
54
* The version of the vocabulary is appended to the end of the name of the XML type that defines that vocabulary. Specifically, all types used to define a controlled vocabulary end in "-Major.Minor" where Major is the vocabulary’s Major number and Minor is the vocabulary’s Minor number. For example, version 1.3 of the Object State controlled vocabulary has the name ObjectStateVocab-1.3 and uses the ObjectStateEnum-1.3 enumeration. If new terms are added to this vocabulary, new types are created with the names of ObjectStateVocab-1.4 and ObjectStateEnum-1.4. If terms are deleted from the vocabulary, new types are created with the names of ObjectStateVocab-2.0 and ObjectStateEnum-2.0.
55
55
@@ -62,14 +62,14 @@ Within a single Major release of the CybOX Language, the cybox_default_vocabular
62
62
* ObjectStateVocab-2.0 and ObjectStateEnum-2.0
63
63
* ObjectStateVocab-2.1 and ObjectStateEnum-2.1
64
64
65
-
This means that a single version of cybox_default_vocabularies.xsd can be used to validate content that uses any version of a supported vocabulary up to and including the latest version of the given vocabulary present in the schema file within any Major version of CybOX. In the case of a Major revision of CybOX, older versions of vocabularies may be removed. However, the individual version numbers of vocabularies do not reset when this happens. E.g., if the Object State controlled vocabulary was on revision 2.1 (ObjectStateVocab-2.1 and ObjectStateEnum-2.1) and then there was a major revision to CybOX to 3.0, the new version of the cybox_default_vocabularies.xsd is assigned version 3.0 and might not contain types for previous versions of the Object State vocabulary, but the Object State vocabulary is still in version 2.1, and is represented by the types ObjectStateVocab-2.1 and ObjectStateEnum-2.1.
65
+
This means that a single version of cybox_default_vocabularies.xsd can be used to validate content that uses any version of a supported vocabulary up to and including the latest version of the given vocabulary present in the schema file within any Major version of CybOX. In the case of a Major revision of CybOX, older versions of vocabularies may be removed. However, the individual version numbers of vocabularies do not reset when this happens. For example, if the Object State controlled vocabulary was on revision 2.1 (ObjectStateVocab-2.1 and ObjectStateEnum-2.1) and then there was a major revision to CybOX to 3.0, the new version of the cybox_default_vocabularies.xsd is assigned version 3.0 and might not contain types for previous versions of the Object State vocabulary, but the Object State vocabulary is still in version 2.1, and is represented by the types ObjectStateVocab-2.1 and ObjectStateEnum-2.1.
66
66
67
67
For a given version of the CybOX Language, use of any version of a controlled vocabulary within a cybox_default_vocabularies.xsd associated with that Language version. That is, authors may use version 1.2 of a particular vocabulary and be considered compliant with the CybOX Language even if the latest version of that vocabulary for that Language version is version 1.4. However, authors should be aware that there may be differences in support for various versions of the CybOX default vocabularies even between tools that support the same version of the CybOX Language.
68
68
69
69
As noted earlier, controlled vocabularies are considered extension points and the default vocabularies can be extended or replaced by authors. However, in doing this the author is considered to be utilizing a customized version of the CybOX Language and might encounter compatibility issues.
70
70
71
71
#### CybOX Extension Versioning
72
-
The CybOX Extensions schemas are used for structured representation of data using externally defined schemas. For example, there is an extension schema that allows for the identification of software and hardware platforms using the U.S. National Institute of Standards and Technology’s (NIST) Common Platform Enumeration (CPE) Applicability Language schema. Rather than importing these schemas directly into CybOX, these external schemas are captured in CybOX Extension schemas, which can be hooked into CybOX at certain defined extension points.
72
+
The CybOX Extensions schemas are used for structured representation of data using externally defined schemas. For example, there is an extension schema that allows for the identification of software and hardware platforms using the [U.S. National Institute of Standards and Technology’s (NIST) Common Platform Enumeration (CPE) Applicability Language schema](https://scap.nist.gov/specifications/cpe/language.html). Rather than importing these schemas directly into CybOX, these external schemas are captured in CybOX Extension schemas, which can be hooked into CybOX at certain defined extension points.
73
73
74
74
The CybOX Extension schemas represent the recommended way of structuring certain information using existing, externally defined XML schemas (following CybOX’s design objective of "reuse rather than reinvent"). However, no author is ever required to use any of the recommended extension schemas nor are tools required to process those extension schemas. No use case of CybOX requires the use of extension schemas, although authors may wish to use them to achieve greater expressivity in certain situations.
0 commit comments