From aa2d5d9a4321964f91d6dde64c9ec77f366c8ca1 Mon Sep 17 00:00:00 2001 From: Ege Korkan Date: Thu, 29 Feb 2024 12:47:29 +0100 Subject: [PATCH 1/5] apply id changes for assertions --- packages/assertions/assertions-td/manual.csv | 50 +++++++++---------- ...s.json => td-privacy-distributed-ids.json} | 4 +- ...ecurity-body-name-json-pointer-array.json} | 4 +- ...> td-security-body-name-json-pointer.json} | 4 +- .../td-vocab-scheme--SecurityScheme_auto.json | 2 +- packages/assertions/assertions-tm/manual.csv | 8 +-- packages/core/shared.js | 6 +-- 7 files changed, 39 insertions(+), 39 deletions(-) rename packages/assertions/assertions-td/{privacy-distributed-ids.json => td-privacy-distributed-ids.json} (85%) rename packages/assertions/assertions-td/{sec-body-name-json-pointer-array.json => td-security-body-name-json-pointer-array.json} (91%) rename packages/assertions/assertions-td/{sec-body-name-json-pointer.json => td-security-body-name-json-pointer.json} (92%) diff --git a/packages/assertions/assertions-td/manual.csv b/packages/assertions/assertions-td/manual.csv index 80b861fac..b7dca748e 100644 --- a/packages/assertions/assertions-td/manual.csv +++ b/packages/assertions/assertions-td/manual.csv @@ -1,14 +1,14 @@ "ID","Status","Comment","Assertion", -"bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member.", -"bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction.","" -"client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions.", -"client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing.", -"client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing.", -"client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing.", -"sec-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer.", -"server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction.", -"server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description.", -"server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing.", +"td-bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member.", +"td-bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction.","" +"td-client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions.", +"td-client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing.", +"td-client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing.", +"td-client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing.", +"td-security-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer.", +"td-server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction.", +"td-server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description.", +"td-server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing.", "td-context-default-language-direction-independence","null","not testable with Assertion Tester","However, when interpreting human-readable text, each human-readable string value MUST be processed independently.", "td-default-alg","null","not testable with Assertion Tester","BearerSecurityScheme alg ES256", "td-default-contentType","null","not testable with Assertion Tester","Form contentType application/json", @@ -45,22 +45,22 @@ "td-security-no-extras","null","not testable with Assertion Tester","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description.", "td-security-no-secrets","null","not testable with Assertion Tester","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms.", "td-vocabulary-defaults","null","not testable with Assertion Tester","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions.", -"privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing.", -"privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority.", -"privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD.", -"privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier.", -"privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary.", -"privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself.", -"sec-body-name-json-pointer-type","null","not testable with Assertion Tester","The element referenced (or created) by a body security information location MUST be required and of type ""string"".", -"sec-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings.", +"td-privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing.", +"td-privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority.", +"td-privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD.", +"td-privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier.", +"td-privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary.", +"td-privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself.", +"td-security-body-name-json-pointer-type","null","not testable with Assertion Tester","The element referenced (or created) by a body security information location MUST be required and of type ""string"".", +"td-security-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings.", "security-context-secure-fetch","null","not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given.", -"security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing.", -"security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels.", -"security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed.", -"security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access.", -"security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts.", -"security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated.", -"security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process.", +"td-security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing.", +"td-security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels.", +"td-security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed.", +"td-security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access.", +"td-security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts.", +"td-security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated.", +"td-security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process.", "td-context-ns-td10-namespacev10","null","not testable with Assertion Tester","TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description]] specification.", "td-default-AdditionalResponseContentType","null","not testable with Assertion Tester","AdditionalExpectedResponse contentType value of the contentType of the Form element it belongs to.", "td-default-observable","null","not testable with Assertion Tester","PropertyAffordance observable false", diff --git a/packages/assertions/assertions-td/privacy-distributed-ids.json b/packages/assertions/assertions-td/td-privacy-distributed-ids.json similarity index 85% rename from packages/assertions/assertions-td/privacy-distributed-ids.json rename to packages/assertions/assertions-td/td-privacy-distributed-ids.json index e0da98feb..40ba5eda9 100644 --- a/packages/assertions/assertions-td/privacy-distributed-ids.json +++ b/packages/assertions/assertions-td/td-privacy-distributed-ids.json @@ -1,9 +1,9 @@ { - "title": "privacy-distributed-ids", + "title": "td-privacy-distributed-ids", "description": "TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness.", "$schema": "http://json-schema.org/draft-07/schema#", "is-complex": false, - "also": ["privacy-id-metadata"], + "also": ["td-privacy-id-metadata"], "type": "object", "properties": { "id": { diff --git a/packages/assertions/assertions-td/sec-body-name-json-pointer-array.json b/packages/assertions/assertions-td/td-security-body-name-json-pointer-array.json similarity index 91% rename from packages/assertions/assertions-td/sec-body-name-json-pointer-array.json rename to packages/assertions/assertions-td/td-security-body-name-json-pointer-array.json index beb2c6833..9bdec1a80 100644 --- a/packages/assertions/assertions-td/sec-body-name-json-pointer-array.json +++ b/packages/assertions/assertions-td/td-security-body-name-json-pointer-array.json @@ -1,5 +1,5 @@ { - "title": "sec-body-name-json-pointer-array", + "title": "td-security-body-name-json-pointer-array", "description": "The JSON pointer used in the body locator MAY use the - character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array", "$schema": "http://json-schema.org/draft-07/schema#", "is-complex": true, @@ -36,7 +36,7 @@ "required": ["in", "scheme", "name"] }, "then": { - "const": "sec-body-name-json-pointer-array=pass" + "const": "td-security-body-name-json-pointer-array=pass" } } } diff --git a/packages/assertions/assertions-td/sec-body-name-json-pointer.json b/packages/assertions/assertions-td/td-security-body-name-json-pointer.json similarity index 92% rename from packages/assertions/assertions-td/sec-body-name-json-pointer.json rename to packages/assertions/assertions-td/td-security-body-name-json-pointer.json index 2b6cd5750..8055a7b8d 100644 --- a/packages/assertions/assertions-td/sec-body-name-json-pointer.json +++ b/packages/assertions/assertions-td/td-security-body-name-json-pointer.json @@ -1,5 +1,5 @@ { - "title": "sec-body-name-json-pointer", + "title": "td-security-body-name-json-pointer", "description": "When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with.", "$schema": "http://json-schema.org/draft-07/schema#", "is-complex": true, @@ -36,7 +36,7 @@ "required": ["in", "scheme", "name"] }, "then": { - "const": "sec-body-name-json-pointer=pass" + "const": "td-security-body-name-json-pointer=pass" } } } diff --git a/packages/assertions/assertions-td/td-vocab-scheme--SecurityScheme_auto.json b/packages/assertions/assertions-td/td-vocab-scheme--SecurityScheme_auto.json index 2f9a5d50c..64ceae505 100644 --- a/packages/assertions/assertions-td/td-vocab-scheme--SecurityScheme_auto.json +++ b/packages/assertions/assertions-td/td-vocab-scheme--SecurityScheme_auto.json @@ -3,7 +3,7 @@ "description": "scheme: Identification of security mechanism being configured. MUST be included. Type: string auto.", "$schema": "http://json-schema.org/draft-07/schema#", "is-complex": true, - "also": ["td-security-binding", "sec-vuln-auto", "sec-security-vocab-auto-in-no-name"], + "also": ["td-security-binding", "td-security-vuln-auto", "td-security-security-vocab-auto-in-no-name"], "type": "object", "properties": { "securityDefinitions": { diff --git a/packages/assertions/assertions-tm/manual.csv b/packages/assertions/assertions-tm/manual.csv index 75a0b7fb2..2a052849a 100644 --- a/packages/assertions/assertions-tm/manual.csv +++ b/packages/assertions/assertions-tm/manual.csv @@ -1,8 +1,8 @@ "ID","Status","Comment","Assertion" -"thing-model-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with ""rel"":""tm:extends"" MUST be removed from the current Partial TD" -"thing-model-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." -"thing-model-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." -"thing-model-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." +"tm-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with ""rel"":""tm:extends"" MUST be removed from the current Partial TD" +"tm-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." +"tm-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." +"tm-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." "tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model." "tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model." "tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions." diff --git a/packages/core/shared.js b/packages/core/shared.js index 6f460afae..b2f46042d 100644 --- a/packages/core/shared.js +++ b/packages/core/shared.js @@ -1093,8 +1093,8 @@ async function fetchLinkedTm(td) { * @param {object} td - TD to check */ async function checkLinkedAffordances(td) { - const ASSERTION_REQUIRED = "thing-model-td-generation-processor-type"; - const ASSERTION_OPTIONAL = "thing-model-td-generation-processor-optional"; + const ASSERTION_REQUIRED = "tm-td-generation-processor-type"; + const ASSERTION_OPTIONAL = "tm-td-generation-processor-optional"; const tmResult = await fetchLinkedTm(td); if (!tmResult.success) { @@ -1203,7 +1203,7 @@ async function checkLinkedAffordances(td) { * @param {object} td - TD to check */ async function checkLinkedStructure(td) { - const ASSERTION_NAME = "thing-model-td-generation-processor-imports"; + const ASSERTION_NAME = "tm-td-generation-processor-imports"; const tmResult = await fetchLinkedTm(td); if (!tmResult.success) { From 6f872ee2f5798575a8a8b7ba31d3f918f6c50ca4 Mon Sep 17 00:00:00 2001 From: Ege Korkan Date: Thu, 29 Feb 2024 12:47:52 +0100 Subject: [PATCH 2/5] update list files --- .../assertions-td/tdAssertionList.json | 203 +----------------- .../assertions-tm/tmAssertionList.json | 12 +- 2 files changed, 2 insertions(+), 213 deletions(-) diff --git a/packages/assertions/assertions-td/tdAssertionList.json b/packages/assertions/assertions-td/tdAssertionList.json index 84dd20002..22a8b4443 100644 --- a/packages/assertions/assertions-td/tdAssertionList.json +++ b/packages/assertions/assertions-td/tdAssertionList.json @@ -1,202 +1 @@ -[ - "privacy-distributed-ids.json", - "sec-body-name-json-pointer-array.json", - "sec-body-name-json-pointer.json", - "td-action-arrays.json", - "td-action-names_at-type.json", - "td-action-names_description.json", - "td-action-names_descriptions.json", - "td-action-names_title.json", - "td-action-names_titles.json", - "td-action-names_uriVariables.json", - "td-actions_existence.json", - "td-context-default-language.json", - "td-context-ns-td10-namespace.json", - "td-context-ns-thing-map-of-namespaces.json", - "td-context-ns-thing-optional.json", - "td-context.json", - "td-event-arrays.json", - "td-event-names_at-type.json", - "td-event-names_description.json", - "td-event-names_descriptions.json", - "td-event-names_title.json", - "td-event-names_titles.json", - "td-event-names_uriVariables.json", - "td-events_existence.json", - "td-integer-type.json", - "td-links.json", - "td-number-type.json", - "td-op-for-action.json", - "td-op-for-event.json", - "td-op-for-property.json", - "td-op-for-thing.json", - "td-properties_existence.json", - "td-property-arrays.json", - "td-property-names_at-type.json", - "td-property-names_const.json", - "td-property-names_description.json", - "td-property-names_descriptions.json", - "td-property-names_enum.json", - "td-property-names_items.json", - "td-property-names_maxItems.json", - "td-property-names_maximum.json", - "td-property-names_minItems.json", - "td-property-names_minimum.json", - "td-property-names_oneOf.json", - "td-property-names_properties.json", - "td-property-names_readOnly.json", - "td-property-names_required.json", - "td-property-names_title.json", - "td-property-names_titles.json", - "td-property-names_type.json", - "td-property-names_unit.json", - "td-property-names_uriVariables.json", - "td-property-names_writeOnly.json", - "td-security-bearer-format-extensions_alg.json", - "td-security-bearer-format-extensions_format.json", - "td-security-combo-exclusive-oneof-or-alloff.json", - "td-security-in-query-over-uri.json", - "td-security-oauth2-client-flow.json", - "td-security-oauth2-code-flow.json", - "td-security-oauth2-device-flow.json", - "td-string-type.json", - "td-text-at-direction.json", - "td-title-description_descriptions.json", - "td-title-description_titles.json", - "td-version.json", - "td-vocab-additionalResponses--Form.json", - "td-vocab-alg--BearerSecurityScheme.json", - "td-vocab-allOf--ComboSecurityScheme.json", - "td-vocab-anchor--Link.json", - "td-vocab-at-type--DataSchema.json", - "td-vocab-at-type--InteractionAffordance.json", - "td-vocab-at-type--SecurityScheme.json", - "td-vocab-at-type--Thing.json", - "td-vocab-authorization--BearerSecurityScheme.json", - "td-vocab-authorization--OAuth2SecurityScheme.json", - "td-vocab-base--Thing.json", - "td-vocab-cancellation--EventAffordance.json", - "td-vocab-const--DataSchema.json", - "td-vocab-contentCoding.json", - "td-vocab-contentEncoding--StringSchema.json", - "td-vocab-contentMediaType--StringSchema.json", - "td-vocab-contentType--AdditionalExpectedResponse.json", - "td-vocab-contentType-Form.json", - "td-vocab-created--Thing.json", - "td-vocab-data--EventAffordance.json", - "td-vocab-dataResponse--EventAffordance.json", - "td-vocab-default--DataSchema.json", - "td-vocab-description--DataSchema.json", - "td-vocab-description--InteractionAffordance.json", - "td-vocab-description--SecurityScheme.json", - "td-vocab-description--Thing.json", - "td-vocab-descriptions--DataSchema.json", - "td-vocab-descriptions--InteractionAffordance.json", - "td-vocab-descriptions--SecurityScheme.json", - "td-vocab-descriptions--Thing.json", - "td-vocab-enum--DataSchema.json", - "td-vocab-exclusiveMaximum--IntegerSchema.json", - "td-vocab-exclusiveMaximum--NumberSchema.json", - "td-vocab-exclusiveMinimum--IntegerSchema.json", - "td-vocab-exclusiveMinimum--NumberSchema.json", - "td-vocab-flow--OAuth2SecurityScheme.json", - "td-vocab-format--BearerSecurityScheme.json", - "td-vocab-format--DataSchema.json", - "td-vocab-forms--InteractionAffordance.json", - "td-vocab-forms--Thing.json", - "td-vocab-hreflang--Link.json", - "td-vocab-idempotent--ActionAffordance.json", - "td-vocab-identity--PSKSecurityScheme.json", - "td-vocab-in--APIKeySecurityScheme.json", - "td-vocab-in--BasicSecurityScheme.json", - "td-vocab-in--BearerSecurityScheme.json", - "td-vocab-in--DigestSecurityScheme.json", - "td-vocab-input--ActionAffordance.json", - "td-vocab-items--ArraySchema.json", - "td-vocab-maxItems--ArraySchema.json", - "td-vocab-maxLength--StringSchema.json", - "td-vocab-maximum--IntegerSchema.json", - "td-vocab-maximum--NumberSchema.json", - "td-vocab-minItems--ArraySchema.json", - "td-vocab-minLength--StringSchema.json", - "td-vocab-minimum--IntegerSchema.json", - "td-vocab-minimum--NumberSchema.json", - "td-vocab-model--VersionInfo.json", - "td-vocab-modified--Thing.json", - "td-vocab-multipleOf--IntegerSchema.json", - "td-vocab-multipleOf--NumberSchema.json", - "td-vocab-name--APIKeySecurityScheme.json", - "td-vocab-name--BasicSecurityScheme.json", - "td-vocab-name--BearerSecurityScheme.json", - "td-vocab-name--DigestSecurityScheme.json", - "td-vocab-observable--PropertyAffordance.json", - "td-vocab-oneOf--ComboSecurityScheme.json", - "td-vocab-oneOf--DataSchema.json", - "td-vocab-op--Form_cancelaction.json", - "td-vocab-op--Form_invokeaction.json", - "td-vocab-op--Form_observeallproperties.json", - "td-vocab-op--Form_observeproperty.json", - "td-vocab-op--Form_queryaction.json", - "td-vocab-op--Form_queryallactions.json", - "td-vocab-op--Form_readallproperties.json", - "td-vocab-op--Form_readmultipleproperties.json", - "td-vocab-op--Form_readproperty.json", - "td-vocab-op--Form_subscribeallevents.json", - "td-vocab-op--Form_subscribeevent.json", - "td-vocab-op--Form_unobserveallproperties.json", - "td-vocab-op--Form_unobserveproperty.json", - "td-vocab-op--Form_unsubscribeallevents.json", - "td-vocab-op--Form_unsubscribeevent.json", - "td-vocab-op--Form_writeallproperties.json", - "td-vocab-op--Form_writemultipleproperties.json", - "td-vocab-op--Form_writeproperty.json", - "td-vocab-output--ActionAffordance.json", - "td-vocab-pattern--StringSchema.json", - "td-vocab-profile--Thing.json", - "td-vocab-properties--ObjectSchema.json", - "td-vocab-proxy--SecurityScheme.json", - "td-vocab-qop--DigestSecurityScheme.json", - "td-vocab-readOnly--DataSchema.json", - "td-vocab-refresh--OAuth2SecurityScheme.json", - "td-vocab-rel--Link.json", - "td-vocab-required--ObjectSchema.json", - "td-vocab-response--Form.json", - "td-vocab-safe--ActionAffordance.json", - "td-vocab-schema--AdditionalExpectedResponse.json", - "td-vocab-schemaDefinitions--Thing.json", - "td-vocab-scheme--SecurityScheme_apikey.json", - "td-vocab-scheme--SecurityScheme_auto.json", - "td-vocab-scheme--SecurityScheme_basic.json", - "td-vocab-scheme--SecurityScheme_bearer.json", - "td-vocab-scheme--SecurityScheme_digest.json", - "td-vocab-scheme--SecurityScheme_nosec.json", - "td-vocab-scheme--SecurityScheme_oauth2.json", - "td-vocab-scheme--SecurityScheme_psk.json", - "td-vocab-scopes--Form.json", - "td-vocab-scopes--OAuth2SecurityScheme.json", - "td-vocab-security--Form.json", - "td-vocab-sizes--Link.json", - "td-vocab-subprotocol--Form.json", - "td-vocab-subscription--EventAffordance.json", - "td-vocab-success--AdditionalExpectedResponse.json", - "td-vocab-support--Thing.json", - "td-vocab-synchronous--ActionAffordance.json", - "td-vocab-title--DataSchema.json", - "td-vocab-title--InteractionAffordance.json", - "td-vocab-titles--DataSchema.json", - "td-vocab-titles--InteractionAffordance.json", - "td-vocab-titles--Thing.json", - "td-vocab-token--OAuth2SecurityScheme.json", - "td-vocab-type--DataSchema_array.json", - "td-vocab-type--DataSchema_boolean.json", - "td-vocab-type--DataSchema_integer.json", - "td-vocab-type--DataSchema_null.json", - "td-vocab-type--DataSchema_number.json", - "td-vocab-type--DataSchema_object.json", - "td-vocab-type--DataSchema_string.json", - "td-vocab-type--Link.json", - "td-vocab-unit--DataSchema.json", - "td-vocab-uriVariables--InteractionAffordance.json", - "td-vocab-uriVariables--Thing.json", - "td-vocab-writeOnly--DataSchema.json" -] +["td-action-arrays.json","td-action-names_at-type.json","td-action-names_description.json","td-action-names_descriptions.json","td-action-names_title.json","td-action-names_titles.json","td-action-names_uriVariables.json","td-actions_existence.json","td-context-default-language.json","td-context-ns-td10-namespace.json","td-context-ns-thing-map-of-namespaces.json","td-context-ns-thing-optional.json","td-context.json","td-event-arrays.json","td-event-names_at-type.json","td-event-names_description.json","td-event-names_descriptions.json","td-event-names_title.json","td-event-names_titles.json","td-event-names_uriVariables.json","td-events_existence.json","td-integer-type.json","td-links.json","td-number-type.json","td-op-for-action.json","td-op-for-event.json","td-op-for-property.json","td-op-for-thing.json","td-privacy-distributed-ids.json","td-properties_existence.json","td-property-arrays.json","td-property-names_at-type.json","td-property-names_const.json","td-property-names_description.json","td-property-names_descriptions.json","td-property-names_enum.json","td-property-names_items.json","td-property-names_maxItems.json","td-property-names_maximum.json","td-property-names_minItems.json","td-property-names_minimum.json","td-property-names_oneOf.json","td-property-names_properties.json","td-property-names_readOnly.json","td-property-names_required.json","td-property-names_title.json","td-property-names_titles.json","td-property-names_type.json","td-property-names_unit.json","td-property-names_uriVariables.json","td-property-names_writeOnly.json","td-security-bearer-format-extensions_alg.json","td-security-bearer-format-extensions_format.json","td-security-body-name-json-pointer-array.json","td-security-body-name-json-pointer.json","td-security-combo-exclusive-oneof-or-alloff.json","td-security-in-query-over-uri.json","td-security-oauth2-client-flow.json","td-security-oauth2-code-flow.json","td-security-oauth2-device-flow.json","td-string-type.json","td-text-at-direction.json","td-title-description_descriptions.json","td-title-description_titles.json","td-version.json","td-vocab-additionalResponses--Form.json","td-vocab-alg--BearerSecurityScheme.json","td-vocab-allOf--ComboSecurityScheme.json","td-vocab-anchor--Link.json","td-vocab-at-type--DataSchema.json","td-vocab-at-type--InteractionAffordance.json","td-vocab-at-type--SecurityScheme.json","td-vocab-at-type--Thing.json","td-vocab-authorization--BearerSecurityScheme.json","td-vocab-authorization--OAuth2SecurityScheme.json","td-vocab-base--Thing.json","td-vocab-cancellation--EventAffordance.json","td-vocab-const--DataSchema.json","td-vocab-contentCoding.json","td-vocab-contentEncoding--StringSchema.json","td-vocab-contentMediaType--StringSchema.json","td-vocab-contentType--AdditionalExpectedResponse.json","td-vocab-contentType-Form.json","td-vocab-created--Thing.json","td-vocab-data--EventAffordance.json","td-vocab-dataResponse--EventAffordance.json","td-vocab-default--DataSchema.json","td-vocab-description--DataSchema.json","td-vocab-description--InteractionAffordance.json","td-vocab-description--SecurityScheme.json","td-vocab-description--Thing.json","td-vocab-descriptions--DataSchema.json","td-vocab-descriptions--InteractionAffordance.json","td-vocab-descriptions--SecurityScheme.json","td-vocab-descriptions--Thing.json","td-vocab-enum--DataSchema.json","td-vocab-exclusiveMaximum--IntegerSchema.json","td-vocab-exclusiveMaximum--NumberSchema.json","td-vocab-exclusiveMinimum--IntegerSchema.json","td-vocab-exclusiveMinimum--NumberSchema.json","td-vocab-flow--OAuth2SecurityScheme.json","td-vocab-format--BearerSecurityScheme.json","td-vocab-format--DataSchema.json","td-vocab-forms--InteractionAffordance.json","td-vocab-forms--Thing.json","td-vocab-hreflang--Link.json","td-vocab-idempotent--ActionAffordance.json","td-vocab-identity--PSKSecurityScheme.json","td-vocab-in--APIKeySecurityScheme.json","td-vocab-in--BasicSecurityScheme.json","td-vocab-in--BearerSecurityScheme.json","td-vocab-in--DigestSecurityScheme.json","td-vocab-input--ActionAffordance.json","td-vocab-items--ArraySchema.json","td-vocab-maxItems--ArraySchema.json","td-vocab-maxLength--StringSchema.json","td-vocab-maximum--IntegerSchema.json","td-vocab-maximum--NumberSchema.json","td-vocab-minItems--ArraySchema.json","td-vocab-minLength--StringSchema.json","td-vocab-minimum--IntegerSchema.json","td-vocab-minimum--NumberSchema.json","td-vocab-model--VersionInfo.json","td-vocab-modified--Thing.json","td-vocab-multipleOf--IntegerSchema.json","td-vocab-multipleOf--NumberSchema.json","td-vocab-name--APIKeySecurityScheme.json","td-vocab-name--BasicSecurityScheme.json","td-vocab-name--BearerSecurityScheme.json","td-vocab-name--DigestSecurityScheme.json","td-vocab-observable--PropertyAffordance.json","td-vocab-oneOf--ComboSecurityScheme.json","td-vocab-oneOf--DataSchema.json","td-vocab-op--Form_cancelaction.json","td-vocab-op--Form_invokeaction.json","td-vocab-op--Form_observeallproperties.json","td-vocab-op--Form_observeproperty.json","td-vocab-op--Form_queryaction.json","td-vocab-op--Form_queryallactions.json","td-vocab-op--Form_readallproperties.json","td-vocab-op--Form_readmultipleproperties.json","td-vocab-op--Form_readproperty.json","td-vocab-op--Form_subscribeallevents.json","td-vocab-op--Form_subscribeevent.json","td-vocab-op--Form_unobserveallproperties.json","td-vocab-op--Form_unobserveproperty.json","td-vocab-op--Form_unsubscribeallevents.json","td-vocab-op--Form_unsubscribeevent.json","td-vocab-op--Form_writeallproperties.json","td-vocab-op--Form_writemultipleproperties.json","td-vocab-op--Form_writeproperty.json","td-vocab-output--ActionAffordance.json","td-vocab-pattern--StringSchema.json","td-vocab-profile--Thing.json","td-vocab-properties--ObjectSchema.json","td-vocab-proxy--SecurityScheme.json","td-vocab-qop--DigestSecurityScheme.json","td-vocab-readOnly--DataSchema.json","td-vocab-refresh--OAuth2SecurityScheme.json","td-vocab-rel--Link.json","td-vocab-required--ObjectSchema.json","td-vocab-response--Form.json","td-vocab-safe--ActionAffordance.json","td-vocab-schema--AdditionalExpectedResponse.json","td-vocab-schemaDefinitions--Thing.json","td-vocab-scheme--SecurityScheme_apikey.json","td-vocab-scheme--SecurityScheme_auto.json","td-vocab-scheme--SecurityScheme_basic.json","td-vocab-scheme--SecurityScheme_bearer.json","td-vocab-scheme--SecurityScheme_digest.json","td-vocab-scheme--SecurityScheme_nosec.json","td-vocab-scheme--SecurityScheme_oauth2.json","td-vocab-scheme--SecurityScheme_psk.json","td-vocab-scopes--Form.json","td-vocab-scopes--OAuth2SecurityScheme.json","td-vocab-security--Form.json","td-vocab-sizes--Link.json","td-vocab-subprotocol--Form.json","td-vocab-subscription--EventAffordance.json","td-vocab-success--AdditionalExpectedResponse.json","td-vocab-support--Thing.json","td-vocab-synchronous--ActionAffordance.json","td-vocab-title--DataSchema.json","td-vocab-title--InteractionAffordance.json","td-vocab-titles--DataSchema.json","td-vocab-titles--InteractionAffordance.json","td-vocab-titles--Thing.json","td-vocab-token--OAuth2SecurityScheme.json","td-vocab-type--DataSchema_array.json","td-vocab-type--DataSchema_boolean.json","td-vocab-type--DataSchema_integer.json","td-vocab-type--DataSchema_null.json","td-vocab-type--DataSchema_number.json","td-vocab-type--DataSchema_object.json","td-vocab-type--DataSchema_string.json","td-vocab-type--Link.json","td-vocab-unit--DataSchema.json","td-vocab-uriVariables--InteractionAffordance.json","td-vocab-uriVariables--Thing.json","td-vocab-writeOnly--DataSchema.json"] \ No newline at end of file diff --git a/packages/assertions/assertions-tm/tmAssertionList.json b/packages/assertions/assertions-tm/tmAssertionList.json index 01543ce98..72058701e 100644 --- a/packages/assertions/assertions-tm/tmAssertionList.json +++ b/packages/assertions/assertions-tm/tmAssertionList.json @@ -1,11 +1 @@ -[ - "tm-compose-instanceName.json", - "tm-compose-submodel.json", - "tm-extend.json", - "tm-identification.json", - "tm-placeholder.json", - "tm-protocol-security-restriction.json", - "tm-tmOptional.json", - "tm-tmRef1.json", - "tm-versioning-2.json" -] +["tm-compose-instanceName.json","tm-compose-submodel.json","tm-extend.json","tm-identification.json","tm-placeholder.json","tm-protocol-security-restriction.json","tm-tmOptional.json","tm-tmRef1.json","tm-versioning-2.json"] \ No newline at end of file From 691b58acbfedd7d328e8631b4c083ee7e56e1961 Mon Sep 17 00:00:00 2001 From: Ege Korkan Date: Thu, 29 Feb 2024 14:41:00 +0100 Subject: [PATCH 3/5] fix commas --- packages/assertions/assertions-tm/manual.csv | 28 ++++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/packages/assertions/assertions-tm/manual.csv b/packages/assertions/assertions-tm/manual.csv index 2a052849a..e1e012af8 100644 --- a/packages/assertions/assertions-tm/manual.csv +++ b/packages/assertions/assertions-tm/manual.csv @@ -1,15 +1,15 @@ "ID","Status","Comment","Assertion" -"tm-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with ""rel"":""tm:extends"" MUST be removed from the current Partial TD" -"tm-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." -"tm-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." -"tm-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." -"tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model." -"tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model." -"tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions." -"tm-placeholder-replacement","null","not testable with Assertion Tester","The placeholder labeling MUST be substituted with a concrete value (e.g., as JSON number, JSON string, JSON object, etc) when TD instance is created from the Thing Model." -"tm-ref-recursive-extensions","null","not testable with Assertion Tester","Recursive extensions leading to an infinite loop MUST NOT be defined." -"tm-tmRef-overwrite-possibility","null","not testable with Assertion Tester","If the intention is to override an existing JSON name-value pair definition from tm:ref, the same JSON name MUST be used at the same level of the tm:ref declaration that provides a new value." -"tm-tmRef-overwrite-process","null","not testable with Assertion Tester","The process to overwrite MUST follow the JSON Merge Patch algorithm as defined in [RFC7396] where the content of the referenced definition is patched with the new provided JSON name-value pairs." -"tm-tmRef-overwrite-semantic-meaning","null","not testable with Assertion Tester","Similar to tm:extends and to keep the semantic meaning, definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin referenced definition." -"tm-tmRef2","null","not testable with Assertion Tester","Every time tm:ref is used, the referenced pre-definition and its dependencies (e.g., by context extension) MUST be assumed at the new defined definition." -"tm-versioning-1","null","not testable with Assertion Tester","When the Thing Model definitions change over time, this SHOULD be reflected in the version container." \ No newline at end of file +"tm-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with rel:tm:extends MUST be removed from the current Partial TD", +"tm-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or .", +"tm-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD.", +"tm-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance.", +"tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model.", +"tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model.", +"tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions.", +"tm-placeholder-replacement","null","not testable with Assertion Tester","The placeholder labeling MUST be substituted with a concrete value (e.g., as JSON number, JSON string, JSON object, etc) when TD instance is created from the Thing Model.", +"tm-ref-recursive-extensions","null","not testable with Assertion Tester","Recursive extensions leading to an infinite loop MUST NOT be defined.", +"tm-tmRef-overwrite-possibility","null","not testable with Assertion Tester","If the intention is to override an existing JSON name-value pair definition from tm:ref, the same JSON name MUST be used at the same level of the tm:ref declaration that provides a new value.", +"tm-tmRef-overwrite-process","null","not testable with Assertion Tester","The process to overwrite MUST follow the JSON Merge Patch algorithm as defined in [RFC7396] where the content of the referenced definition is patched with the new provided JSON name-value pairs.", +"tm-tmRef-overwrite-semantic-meaning","null","not testable with Assertion Tester","Similar to tm:extends and to keep the semantic meaning, definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin referenced definition.", +"tm-tmRef2","null","not testable with Assertion Tester","Every time tm:ref is used, the referenced pre-definition and its dependencies (e.g., by context extension) MUST be assumed at the new defined definition.", +"tm-versioning-1","null","not testable with Assertion Tester","When the Thing Model definitions change over time, this SHOULD be reflected in the version container.", \ No newline at end of file From e210f993161d0ba28b6f3e858acf319da6e54960 Mon Sep 17 00:00:00 2001 From: Ege Korkan Date: Thu, 29 Feb 2024 14:51:45 +0100 Subject: [PATCH 4/5] sync full list with td repo --- .../assertions/assertions-csv/assertions.csv | 76 +++++++++---------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/packages/assertions/assertions-csv/assertions.csv b/packages/assertions/assertions-csv/assertions.csv index e086d959d..886ec053b 100644 --- a/packages/assertions/assertions-csv/assertions.csv +++ b/packages/assertions/assertions-csv/assertions.csv @@ -1,34 +1,4 @@ "ID","Status","Assertion" -"bindings-requirements-scheme","null","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." -"bindings-server-accept","null","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." -"client-data-schema","null","A Consumer when interacting with another target Thing described in a WoT Thing Description MUST generate data organized according to the data schemas given in the corresponding interactions." -"client-data-schema-accept-extras","null","A Consumer when interacting with another Thing MUST accept without error any additional data not described in the data schemas given in the Thing Description of the target Thing." -"client-data-schema-no-extras","null","A Consumer when interacting with another Thing MUST NOT generate data not described in the data schemas given in the Thing Description of that Thing." -"client-uri-template","null","A Consumer when interacting with another Thing MUST generate URIs according to the URI Templates, base URIs, and form href parameters given in the Thing Description of the target Thing." -"privacy-auth-users-only","null","Only authorized users SHOULD be provided access to the Thing Description for a Thing." -"privacy-centralized-ids","null","TD identifiers SHOULD NOT be generated using a centralized authority." -"privacy-distributed-ids","null","TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." -"privacy-essential-metadata-only","null","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." -"privacy-id-metadata","null","The value of the id of a TD SHOULD NOT contain metadata describing the Thing or from the TD itself." -"privacy-mutable-identifiers","null","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." -"privacy-temp-id-metadata","null","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." -"sec-body-name-json-pointer","null","When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with." -"sec-body-name-json-pointer-array","null","The JSON pointer used in the body locator MAY use the ""-"" character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array." -"sec-body-name-json-pointer-creatable","null","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." -"sec-body-name-json-pointer-type","null","The element referenced (or created) by a body security information location MUST be required and of type ""string""." -"sec-inj-no-intl-markup","null","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." -"sec-security-vocab-auto-in-no-name","null","If a value of auto is set for the in field of a SecurityScheme, then the name field SHOULD NOT be set." -"sec-vuln-auto","null","The auto security scheme MAY be used if vulnerability scanning is a concern." -"security-jsonld-expansion","null","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." -"security-mutual-auth-td","null","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." -"security-no-execution","null","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." -"security-oauth-limits","null","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." -"security-remote-context","null","Constrained implementations SHOULD NOT follow links to remote contexts." -"security-server-auth-td","null","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." -"security-static-context","null","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." -"server-data-schema","null","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." -"server-data-schema-extras","null","A Thing MAY return additional data from an interaction even when such data is not described in the data schemas given in its WoT Thing Description." -"server-uri-template","null","URI Templates, base URIs, and href members in a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." "td-action-arrays","null","The value assigned to forms in an instance of ActionAffordance MUST be serialized as a JSON array containing one or more JSON object serializations as defined in ." "td-action-names","null","All name-value pairs of an instance of ActionAffordance, where the name is a Vocabulary Term included in (one of) the Signatures of ActionAffordance or InteractionAffordance, MUST be serialized as members of the JSON object that results from serializing the ActionAffordance instance, with the Vocabulary Term as name." "td-action-names_at-type","null","The vocabulary term @type MUST be serialized as a JSON name within an Action object." @@ -54,8 +24,14 @@ "td-arrays","null","All values assigned to links, and forms in an instance of the Class Thing MUST be serialized as JSON arrays containing JSON objects as defined in and , respectively." "td-arrays_forms","null","The type of the member forms MUST be a JSON array." "td-arrays_links","null","The type of the member links MUST be a JSON array." +"td-bindings-requirements-scheme","null","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." +"td-bindings-server-accept","null","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." "td-boolean-type","null","Values that are of type boolean MUST be serialized as JSON boolean." "td-class-type","null","A Class instance MUST be serialized as a JSON object, following the detailed rules given individually in ." +"td-client-data-schema","null","A Consumer when interacting with another target Thing described in a WoT Thing Description MUST generate data organized according to the data schemas given in the corresponding interactions." +"td-client-data-schema-accept-extras","null","A Consumer when interacting with another Thing MUST accept without error any additional data not described in the data schemas given in the Thing Description of the target Thing." +"td-client-data-schema-no-extras","null","A Consumer when interacting with another Thing MUST NOT generate data not described in the data schemas given in the Thing Description of that Thing." +"td-client-uri-template","null","A Consumer when interacting with another Thing MUST generate URIs according to the URI Templates, base URIs, and form href parameters given in the Thing Description of the target Thing." "td-context","null","The root element of a TD Serialization MUST be a JSON object that includes a member with the name @context and a value of type string or array that equals or respectively contains https://www.w3.org/2022/wot/td/v1.1." "td-context-default-language","null","One Map contained in an @context Array SHOULD contain a name-value pair that defines the default language for the Thing Description, where the name is the Term @language and the value is a well-formed language tag as defined by [BCP47] (e.g., en, de-AT, gsw-CH, zh-Hans, zh-Hant-HK, sl-nedis)." "td-context-default-language-direction-independence","null","However, when interpreting human-readable text, each human-readable string value MUST be processed independently." @@ -188,6 +164,13 @@ "td-op-for-event","null","When a Form instance is within an EventAffordance instance, the value assigned to op MUST be either subscribeevent, unsubscribeevent, or both terms within an Array." "td-op-for-property","null","When a Form instance is within a PropertyAffordance instance, the value assigned to op MUST be one of readproperty, writeproperty, observeproperty, unobserveproperty or an Array containing a combination of these terms." "td-op-for-thing","null","When the forms Array of a Thing instance contains Form instances, it MUST contain op member with the string values assigned to the name op, either directly or within an Array, MUST be one of the following operation types: readallproperties, writeallproperties, readmultipleproperties, writemultipleproperties, observeallproperties, unobserveallproperties, queryallactions, subscribeallevents, or unsubscribeallevents." +"td-privacy-auth-users-only","null","Only authorized users SHOULD be provided access to the Thing Description for a Thing." +"td-privacy-centralized-ids","null","TD identifiers SHOULD NOT be generated using a centralized authority." +"td-privacy-distributed-ids","null","TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." +"td-privacy-essential-metadata-only","null","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." +"td-privacy-id-metadata","null","The value of the id of a TD SHOULD NOT contain metadata describing the Thing or from the TD itself." +"td-privacy-mutable-identifiers","null","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." +"td-privacy-temp-id-metadata","null","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." "td-processor","null","A TD Processor MUST satisfy the Class instantiation constraints on all Classes defined in , , , and ." "td-processor-bidi-isolation","null","TD Processors SHOULD take care to use bidi isolation when presenting strings to users, particularly when embedding in surrounding text (e.g., for Web user interface)" "td-processor-serialization","null","A TD Processor MUST be able to serialize Thing Descriptions into the JSON format [[!RFC8259]] and/or deserialize Thing Descriptions from that format, according to the rules noted in and ." @@ -233,21 +216,38 @@ "td-security-bearer-format-extensions_alg","null","Other algorithms for bearer tokens MAY be specified in vocabulary extensions." "td-security-bearer-format-extensions_format","null","Other formats for bearer tokens MAY be specified in vocabulary extensions." "td-security-binding","null","If a Thing requires a specific access mechanism for an interaction, that mechanism MUST be specified in the security configuration of the Thing Description." +"td-security-body-name-json-pointer","null","When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with." +"td-security-body-name-json-pointer-array","null","The JSON pointer used in the body locator MAY use the ""-"" character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array." +"td-security-body-name-json-pointer-creatable","null","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." +"td-security-body-name-json-pointer-type","null","The element referenced (or created) by a body security information location MUST be required and of type ""string""." "td-security-combo-deprecation","null","However, the use of an array with multiple elements to combine security schemes in a security element is now deprecated, instead a ComboSecurityScheme SHOULD be used." "td-security-combo-exclusive-oneof-or-allof","null","Exactly one of either oneOf or allOf vocabulary terms MUST be included." "td-security-extension","null","Additional security schemes MUST be Subclasses of the Class SecurityScheme." "td-security-in-query-over-uri","null","The value uri SHOULD be specified for the name in in a security scheme only if query is not applicable." "td-security-in-uri-variable","null","The URIs provided in interactions where a security scheme using uri as the value for in MUST be a URI template including the defined variable." +"td-security-inj-no-intl-markup","null","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." +"td-security-jsonld-expansion","null","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." "td-security-mandatory","null","At least one security definition MUST be activated through the security member at the Thing level (i.e., in the TD root object)." +"td-security-mutual-auth-td","null","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." +"td-security-no-execution","null","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." "td-security-no-extras","null","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description." "td-security-no-secrets","null","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms." +"td-security-oauth-limits","null","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." "td-security-oauth2-client-flow","null","For the client flow token vocabulary term MUST be included." "td-security-oauth2-client-flow-no-auth","null","For the client flow authorization vocabulary term MUST NOT be included." "td-security-oauth2-code-flow","null","For the code flow both authorization and token vocabulary terms MUST be included." "td-security-overrides","null","Security definitions MAY also be activated at the level of the form elements by including a security member in form objects, which overrides (i.e., completely replace) all definitions activated at the Thing level." +"td-security-remote-context","null","Constrained implementations SHOULD NOT follow links to remote contexts." "td-security-scheme-name","null","The value assigned to the name scheme MUST be defined within a Vocabulary included in the Thing Description, either in the standard Vocabulary defined in § 5. TD Information Model or in a TD Context Extension." "td-security-schemes","null","All name-value pairs of an instance of one of the Subclasses of SecurityScheme, where the name is a Vocabulary Term included in the Signature of that Subclass or in the Signature of SecurityScheme, MUST be serialized as members of the JSON object that results from serializing the SecurityScheme Subclass's instance, with the Vocabulary Term as name." +"td-security-security-vocab-auto-in-no-name","null","If a value of auto is set for the in field of a SecurityScheme, then the name field SHOULD NOT be set." +"td-security-server-auth-td","null","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." +"td-security-static-context","null","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." "td-security-uri-variables-distinct","null","The names of URI variables declared in a SecurityScheme MUST be distinct from all other URI variables declared in the TD." +"td-security-vuln-auto","null","The auto security scheme MAY be used if vulnerability scanning is a concern." +"td-server-data-schema","null","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." +"td-server-data-schema-extras","null","A Thing MAY return additional data from an interaction even when such data is not described in the data schemas given in its WoT Thing Description." +"td-server-uri-template","null","URI Templates, base URIs, and href members in a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." "td-string-type","null","Values that are of type string or anyURI MUST be serialized as JSON strings." "td-text-at-direction","null","Given that the Thing Description format is based on JSON-LD 1.1 [[?json-ld11]], @direction with the string values ""ltr"", ""rtl"" and null value null MAY be used inside the @context to indicate the default text direction for the human readable strings in the entire TD document." "td-text-direction-first-strong","null","When metadata such as @direction is not present, TD Consumers SHOULD use first-strong detection as a fallback." @@ -412,13 +412,6 @@ "td-vocab-version--Thing","null","versionProvides version information.optionalVersionInfo" "td-vocab-writeOnly--DataSchema","null","writeOnlyBoolean value that is a hint to indicate whether a property interaction / value is write only (=true) or not (=false).with defaultboolean" "td-vocabulary-defaults","null","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions." -"thing-model-td-generation-processor-extends","null","If used, links element entry with ""rel"":""tm:extends"" MUST be removed from the current Partial TD" -"thing-model-td-generation-processor-forms","null","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." -"thing-model-td-generation-processor-imports","null","Copy all definitions from the input Thing Model to the resulting Partial TD instance. If used, the extension and imports feature MUST be resolved and represented in the Partial TD instance according to ." -"thing-model-td-generation-processor-optional","null","All optional interactions (listed in tm:optional) MAY be taken over to the Partial TD instance." -"thing-model-td-generation-processor-placeholder","null","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." -"thing-model-td-generation-processor-required","null","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." -"thing-model-td-generation-processor-type","null","The tm:ThingModel value of the top-level @type MUST be removed in the Partial TD instance." "tm-compose-instanceName","null","Optionally an instanceName MAY be provided to associate an individual name to the composed (sub-) Thing Model." "tm-compose-name-collision","null","Thereby the generation process MUST avoid possible name collisions." "tm-compose-submodel","null","If it is desired to provide information that a Thing Model consists of one or more (sub-)Thing Models, the links entries MUST use the ""rel"": ""tm:submodel"" that targets to the (sub-) Thing Models." @@ -437,6 +430,13 @@ "tm-ref-recursive-extensions","null","Recursive extensions leading to an infinite loop MUST NOT be defined." "tm-rel-type-maximum","null","The links array MUST use the entry with ""rel"": ""type"" a maximum of once." "tm-td-generation-inconsistencies","null","A Thing Model MUST be defined in such a way that there are no inconsistencies that would result in a Thing Description not being able to meet the requirements as described in Section and ." +"tm-td-generation-processor-extends","null","If used, links element entry with ""rel"":""tm:extends"" MUST be removed from the current Partial TD" +"tm-td-generation-processor-forms","null","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." +"tm-td-generation-processor-imports","null","Copy all definitions from the input Thing Model to the resulting Partial TD instance. If used, the extension and imports feature MUST be resolved and represented in the Partial TD instance according to ." +"tm-td-generation-processor-optional","null","All optional interactions (listed in tm:optional) MAY be taken over to the Partial TD instance." +"tm-td-generation-processor-placeholder","null","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." +"tm-td-generation-processor-required","null","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." +"tm-td-generation-processor-type","null","The tm:ThingModel value of the top-level @type MUST be removed in the Partial TD instance." "tm-tmOptional","null","If interaction models are not mandatory to be implemented in a Thing Description instance, Thing Model definitions MUST use the JSON member name tm:optional." "tm-tmOptional-JSONPointer","null","The value of tm:optional MUST provide JSON Pointer [[RFC6901]] references to the required interaction model definitions." "tm-tmOptional-array","null","tm:optional MUST be a JSON array at the top level." @@ -449,4 +449,4 @@ "tm-tmRef2","null","Every time tm:ref is used, the referenced pre-definition and its dependencies (e.g., by context extension) MUST be assumed at the new defined definition." "tm-versioning-1","null","When the Thing Model definitions change over time, this SHOULD be reflected in the version container." "tm-versioning-2","null","Due to the definition of Thing Model the term instance MUST be omitted within the version container." -"well-known-operation-types-only","null","operations types MUST be restricted to the values in the table below." +"well-known-operation-types-only","null","operations types MUST be restricted to the values in the table below." \ No newline at end of file From 941864a564068f8fe1841e4410f5995edc84ffa6 Mon Sep 17 00:00:00 2001 From: Ege Korkan Date: Thu, 29 Feb 2024 14:54:06 +0100 Subject: [PATCH 5/5] update automated files --- .../assertions/assertions-csv/changelog.md | 34 ++-- .../assertions/assertions-csv/implemented.csv | 18 +- .../pre-implemented.csv | 77 ++++---- packages/assertions/assertions-csv/manual.csv | 56 +++--- packages/assertions/assertions-csv/old.csv | 5 +- .../assertions/assertions-csv/oldManual.csv | 170 +++++++++--------- .../assertions/assertions-csv/report.json | 2 +- 7 files changed, 182 insertions(+), 180 deletions(-) diff --git a/packages/assertions/assertions-csv/changelog.md b/packages/assertions/assertions-csv/changelog.md index 2f909df0d..c5dc81ff2 100644 --- a/packages/assertions/assertions-csv/changelog.md +++ b/packages/assertions/assertions-csv/changelog.md @@ -1,5 +1,5 @@ -# CSV Changelog - 08/10/2023 +# CSV Changelog - 29/02/2024 [Old CSV Path](assertions-csv/oldManual.csv) [New CSV Path](assertions-csv/manual.csv) @@ -7,23 +7,23 @@ ## REMOVED -- `privacy-immutable-id-as-property` was removed +- `td-privacy-immutable-id-as-property` was removed - `security-context-secure-fetch` was removed ## LINE-CHANGE -- `privacy-mutable-identifiers` was moved from Line 51 to 50 -- `privacy-temp-id-metadata` was moved from Line 52 to 51 -- `sec-body-name-json-pointer-type` was moved from Line 53 to 52 -- `sec-inj-no-intl-markup` was moved from Line 54 to 53 -- `security-jsonld-expansion` was moved from Line 56 to 54 -- `security-mutual-auth-td` was moved from Line 57 to 55 -- `security-no-execution` was moved from Line 58 to 56 -- `security-oauth-limits` was moved from Line 59 to 57 -- `security-remote-context` was moved from Line 60 to 58 -- `security-server-auth-td` was moved from Line 61 to 59 -- `security-static-context` was moved from Line 62 to 60 +- `td-privacy-mutable-identifiers` was moved from Line 51 to 50 +- `td-privacy-temp-id-metadata` was moved from Line 52 to 51 +- `td-security-body-name-json-pointer-type` was moved from Line 53 to 52 +- `td-security-inj-no-intl-markup` was moved from Line 54 to 53 +- `td-security-jsonld-expansion` was moved from Line 56 to 54 +- `td-security-mutual-auth-td` was moved from Line 57 to 55 +- `td-security-no-execution` was moved from Line 58 to 56 +- `td-security-oauth-limits` was moved from Line 59 to 57 +- `td-security-remote-context` was moved from Line 60 to 58 +- `td-security-server-auth-td` was moved from Line 61 to 59 +- `td-security-static-context` was moved from Line 62 to 60 - `td-context-ns-td10-namespacev10` was moved from Line 63 to 61 - `td-default-AdditionalResponseContentType` was moved from Line 64 to 62 - `td-default-observable` was moved from Line 65 to 63 @@ -32,10 +32,10 @@ - `td-security-extension` was moved from Line 68 to 66 - `td-text-direction-first-strong` was moved from Line 69 to 67 - `td-text-direction-language-tag` was moved from Line 70 to 68 -- `thing-model-td-generation-processor-extends` was moved from Line 71 to 69 -- `thing-model-td-generation-processor-forms` was moved from Line 72 to 70 -- `thing-model-td-generation-processor-placeholder` was moved from Line 73 to 71 -- `thing-model-td-generation-processor-required` was moved from Line 74 to 72 +- `tm-td-generation-processor-extends` was moved from Line 71 to 69 +- `tm-td-generation-processor-forms` was moved from Line 72 to 70 +- `tm-td-generation-processor-placeholder` was moved from Line 73 to 71 +- `tm-td-generation-processor-required` was moved from Line 74 to 72 - `tm-derivation-validity` was moved from Line 75 to 73 - `tm-overwrite-interaction` was moved from Line 76 to 74 - `tm-overwrite-types` was moved from Line 77 to 75 diff --git a/packages/assertions/assertions-csv/implemented.csv b/packages/assertions/assertions-csv/implemented.csv index 67126c141..8181579a7 100644 --- a/packages/assertions/assertions-csv/implemented.csv +++ b/packages/assertions/assertions-csv/implemented.csv @@ -1,10 +1,4 @@ "ID","Status","Comment","Assertion" -"privacy-distributed-ids","null",,"TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." -"privacy-id-metadata","null",,"TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." -"sec-body-name-json-pointer","null",,"When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with." -"sec-body-name-json-pointer-array","null",,"The JSON pointer used in the body locator MAY use the - character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array" -"sec-security-vocab-auto-in-no-name","null",,"" -"sec-vuln-auto","null",,"" "td-action-arrays","null",,"The type of the members forms MUST be serialized as a JSON array." "td-action-names","null",,"" "td-action-names_at-type","null",,"Each optional vocabulary term as defined in the class Action and its superclass InteractionPattern MUST be serialized as a JSON name within an Action object." @@ -132,6 +126,8 @@ "td-op-for-event","null",,"When a forms term member is present in an Event instance, the value(s) of op in the forms MUST be one of subscribeevent or unsubscribeevent." "td-op-for-property","null",,"When a forms term member is present in a Property instance, the value(s) of op in the forms MUST be one of readproperty, writeproperty or observeproperty." "td-op-for-thing","null",,"When a forms term member is present in a Thing instance, the value(s) of op in the forms MUST be one of readallproperties, writeallproperties, readmultipleproperties or writemultipleproperties." +"td-privacy-distributed-ids","null",,"TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." +"td-privacy-id-metadata","null",,"TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." "td-processor","null",,"" "td-properties","null",,"" "td-properties_existence","null",,"Properties (and sub-properties) offered by a Thing MUST be collected in the JSON-object based properties member with (unique) Property names as JSON names. (Checking their existence)" @@ -174,6 +170,8 @@ "td-security-bearer-format-extensions_alg","null",,"alg: Encoding, encryption, or digest algorithm (one of MD5, ES256, or ES512-256). MUST be included. Type: string." "td-security-bearer-format-extensions_format","null",,"alg: Encoding, encryption, or digest algorithm (one of MD5, ES256, or ES512-256). MUST be included. Type: string." "td-security-binding","null",,"" +"td-security-body-name-json-pointer","null",,"When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with." +"td-security-body-name-json-pointer-array","null",,"The JSON pointer used in the body locator MAY use the - character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array" "td-security-combo-deprecation","null",,"" "td-security-combo-exclusive-oneof-or-allof","null",,"Exactly one of either oneOf or allOf MUST be included." "td-security-in-query-over-uri","null",,"The value uri SHOULD be specified for the name in in a security scheme only if query is not applicable." @@ -185,7 +183,9 @@ "td-security-overrides","null",,"" "td-security-scheme-name","null",,"" "td-security-schemes","null",,"" +"td-security-security-vocab-auto-in-no-name","null",,"" "td-security-uri-variables-distinct","null",,"" +"td-security-vuln-auto","null",,"" "td-string-type","null",,"" "td-text-at-direction","null",,"Given that the Thing Description format is based on JSON-LD 1.1 [[?json-ld11]], @direction with the string values ltr, rtl and null value null MAY be used inside the @context to indicate the default text direction for the human readable strings in the entire TD document." "td-title-description","null",,"" @@ -347,11 +347,11 @@ "td-vocab-uriVariables--Thing","null",,"forms: Indicates one or more endpoints at which operation(s) on this resource are accessible. In this version of TD, all operations that can be described at the Thing level are concerning how to interact with the Thing's Property interaction resources collectively at once. MAY be included. Type: array of Form." "td-vocab-version--Thing","null",,"The version container MAY be used to provide additional application and/or device specific version information based on terms from non-TD namespaces." "td-vocab-writeOnly--DataSchema","null",,"writeOnly: Boolean value that indicates whether a property interaction / value is write only (=true) or not (=false). MUST be included. Type: boolean." -"thing-model-td-generation-processor-imports","null",,"" -"thing-model-td-generation-processor-optional","null",,"" -"thing-model-td-generation-processor-type","null",,"" "tm-compose-name-collision","null",,"" "tm-rel-type-maximum","null",,"" +"tm-td-generation-processor-imports","null",,"" +"tm-td-generation-processor-optional","null",,"" +"tm-td-generation-processor-type","null",,"" "well-known-operation-types-only","null",,"" "tm-compose-instanceName","null",,"" "tm-compose-submodel","null",,"" diff --git a/packages/assertions/assertions-csv/manual-generation-inputs/pre-implemented.csv b/packages/assertions/assertions-csv/manual-generation-inputs/pre-implemented.csv index b43da8c28..c5d201d88 100644 --- a/packages/assertions/assertions-csv/manual-generation-inputs/pre-implemented.csv +++ b/packages/assertions/assertions-csv/manual-generation-inputs/pre-implemented.csv @@ -1,10 +1,4 @@ "ID","Status","Comment","Assertion" -"privacy-distributed-ids","not-impl","data/id must match pattern ""^(urn:uuid:)[a-f0-9]{8}-?[a-f0-9]{4}-?4[a-f0-9]{3}-?[89ab][a-f0-9]{3}-?[a-f0-9]{12}""","TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." -"privacy-id-metadata","not-impl","data/id must match pattern ""^(urn:uuid:)[a-f0-9]{8}-?[a-f0-9]{4}-?4[a-f0-9]{3}-?[89ab][a-f0-9]{3}-?[a-f0-9]{12}""","TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." -"sec-body-name-json-pointer","not-impl",,"When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with." -"sec-body-name-json-pointer-array","not-impl",,"The JSON pointer used in the body locator MAY use the - character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array" -"sec-security-vocab-auto-in-no-name","not-impl",, -"sec-vuln-auto","not-impl",, "td-action-arrays","not-impl","data must have required property 'actions'","The type of the members forms MUST be serialized as a JSON array." "td-action-names","not-impl","Error message can be seen in the children assertions", "td-action-names_at-type","not-impl",,"Each optional vocabulary term as defined in the class Action and its superclass InteractionPattern MUST be serialized as a JSON name within an Action object." @@ -132,6 +126,8 @@ "td-op-for-event","not-impl",,"When a forms term member is present in an Event instance, the value(s) of op in the forms MUST be one of subscribeevent or unsubscribeevent. " "td-op-for-property","not-impl",,"When a forms term member is present in a Property instance, the value(s) of op in the forms MUST be one of readproperty, writeproperty or observeproperty. " "td-op-for-thing","not-impl",,"When a forms term member is present in a Thing instance, the value(s) of op in the forms MUST be one of readallproperties, writeallproperties, readmultipleproperties or writemultipleproperties. " +"td-privacy-distributed-ids","not-impl","data/id must match pattern ""^(urn:uuid:)[a-f0-9]{8}-?[a-f0-9]{4}-?4[a-f0-9]{3}-?[89ab][a-f0-9]{3}-?[a-f0-9]{12}""","TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." +"td-privacy-id-metadata","not-impl","data/id must match pattern ""^(urn:uuid:)[a-f0-9]{8}-?[a-f0-9]{4}-?4[a-f0-9]{3}-?[89ab][a-f0-9]{3}-?[a-f0-9]{12}""","TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." "td-processor","pass",, "td-properties","not-impl","Error message can be seen in the children assertions", "td-properties_existence","not-impl","data must have required property 'properties'"," Properties (and sub-properties) offered by a Thing MUST be collected in the JSON-object based properties member with (unique) Property names as JSON names. (Checking their existence)" @@ -174,6 +170,8 @@ "td-security-bearer-format-extensions_alg","not-impl",,"alg: Encoding, encryption, or digest algorithm (one of MD5, ES256, or ES512-256). MUST be included. Type: string." "td-security-bearer-format-extensions_format","not-impl",,"alg: Encoding, encryption, or digest algorithm (one of MD5, ES256, or ES512-256). MUST be included. Type: string." "td-security-binding","pass","result of a merge", +"td-security-body-name-json-pointer","not-impl",,"When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with." +"td-security-body-name-json-pointer-array","not-impl",,"The JSON pointer used in the body locator MAY use the - character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array" "td-security-combo-deprecation","not-impl",, "td-security-combo-exclusive-oneof-or-allof","not-impl",,"Exactly one of either oneOf or allOf MUST be included." "td-security-in-query-over-uri","not-impl",,"The value uri SHOULD be specified for the name in in a security scheme only if query is not applicable." @@ -186,7 +184,9 @@ "td-security-overrides","not-impl",, "td-security-scheme-name","pass",, "td-security-schemes","pass",, +"td-security-security-vocab-auto-in-no-name","not-impl",, "td-security-uri-variables-distinct","not-impl","no use of name in a uri apikey scheme", +"td-security-vuln-auto","not-impl",, "td-string-type","pass","result of a merge", "td-text-at-direction","not-impl","data/@context must be array","Given that the Thing Description format is based on JSON-LD 1.1 [[?json-ld11]], @direction with the string values ltr, rtl and null value null MAY be used inside the @context to indicate the default text direction for the human readable strings in the entire TD document." "td-title-description","not-impl","Error message can be seen in the children assertions", @@ -348,22 +348,22 @@ "td-vocab-uriVariables--Thing","not-impl","data must have required property 'uriVariables'","forms: Indicates one or more endpoints at which operation(s) on this resource are accessible. In this version of TD, all operations that can be described at the Thing level are concerning how to interact with the Thing's Property interaction resources collectively at once. MAY be included. Type: array of Form." "td-vocab-version--Thing","not-impl","data must have required property 'version'","The version container MAY be used to provide additional application and/or device specific version information based on terms from non-TD namespaces." "td-vocab-writeOnly--DataSchema","not-impl",,"writeOnly: Boolean value that indicates whether a property interaction / value is write only (=true) or not (=false). MUST be included. Type: boolean." -"thing-model-td-generation-processor-imports","not-impl","td does not link to tm", -"thing-model-td-generation-processor-optional","not-impl","td does not link to tm", -"thing-model-td-generation-processor-type","not-impl","td does not link to tm", "tm-compose-name-collision","not-impl",, "tm-rel-type-maximum","not-impl","no links array in the td", +"tm-td-generation-processor-imports","not-impl","td does not link to tm", +"tm-td-generation-processor-optional","not-impl","td does not link to tm", +"tm-td-generation-processor-type","not-impl","td does not link to tm", "well-known-operation-types-only","not-impl","result of a merge", -"bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." -"bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." -"client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions." -"client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing." -"client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing." -"client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing." -"sec-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." -"server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." -"server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description." -"server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." +"td-bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." +"td-bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." +"td-client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions." +"td-client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing." +"td-client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing." +"td-client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing." +"td-security-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." +"td-server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." +"td-server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description." +"td-server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." "td-context-default-language-direction-independence","null","not testable with Assertion Tester","However, when interpreting human-readable text, each human-readable string value MUST be processed independently." "td-default-alg","null","not testable with Assertion Tester","BearerSecurityScheme alg ES256" "td-default-contentType","null","not testable with Assertion Tester","Form contentType application/json" @@ -400,22 +400,22 @@ "td-security-no-extras","null","not testable with Assertion Tester","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description." "td-security-no-secrets","null","not testable with Assertion Tester","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms." "td-vocabulary-defaults","null","not testable with Assertion Tester","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions." -"privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing." -"privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority." -"privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." -"privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier." -"privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." -"privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." -"sec-body-name-json-pointer-type","null","not testable with Assertion Tester","." -"sec-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." +"td-privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing." +"td-privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority." +"td-privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." +"td-privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier." +"td-privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." +"td-privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." +"td-security-body-name-json-pointer-type","null","not testable with Assertion Tester","." +"td-security-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." "security-context-secure-fetch","null","not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given." -"security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." -"security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." -"security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." -"security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." -"security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts." -"security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." -"security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." +"td-security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." +"td-security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." +"td-security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." +"td-security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." +"td-security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts." +"td-security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." +"td-security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." "td-context-ns-td10-namespacev10","null","not testable with Assertion Tester","TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description]] specification." "td-default-AdditionalResponseContentType","null","not testable with Assertion Tester","AdditionalExpectedResponse contentType value of the contentType of the Form element it belongs to." "td-default-observable","null","not testable with Assertion Tester","PropertyAffordance observable false" @@ -424,6 +424,7 @@ "td-security-extension","null","not testable with Assertion Tester","Additional security schemes MUST be Subclasses of the Class SecurityScheme." "td-text-direction-first-strong","null","not testable with Assertion Tester","When metadata such as @direction is not present, TD Consumers SHOULD use [=first-strong detection=] as a fallback." "td-text-direction-language-tag","null","not testable with Assertion Tester","For the MultiLanguage Map, TD Consumers MAY infer the [=base direction=] from the language tag of the individual strings." +"ID","Status","Comment","Assertion" "tm-compose-instanceName","not-impl",, "tm-compose-submodel","not-impl",, "tm-context-requirement","pass",, @@ -442,10 +443,10 @@ "tm-tmRef-usecase","not-impl",, "tm-tmRef1","not-impl",, "tm-versioning-2","not-impl","data must have required property 'version'", -"thing-model-td-generation-processor-extends","null","not testable with Assertion Tester","If used" -"thing-model-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." -"thing-model-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." -"thing-model-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." +"tm-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with rel:tm:extends MUST be removed from the current Partial TD" +"tm-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." +"tm-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." +"tm-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." "tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model." "tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model." "tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions." diff --git a/packages/assertions/assertions-csv/manual.csv b/packages/assertions/assertions-csv/manual.csv index 1d6d86e3a..43e5563af 100644 --- a/packages/assertions/assertions-csv/manual.csv +++ b/packages/assertions/assertions-csv/manual.csv @@ -1,14 +1,14 @@ "ID","Status","Comment","Assertion" -"bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." -"bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." -"client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions." -"client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing." -"client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing." -"client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing." -"sec-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." -"server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." -"server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description." -"server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." +"td-bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." +"td-bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." +"td-client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions." +"td-client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing." +"td-client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing." +"td-client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing." +"td-security-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." +"td-server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." +"td-server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description." +"td-server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." "td-context-default-language-direction-independence","null","not testable with Assertion Tester","However, when interpreting human-readable text, each human-readable string value MUST be processed independently." "td-default-alg","null","not testable with Assertion Tester","BearerSecurityScheme alg ES256" "td-default-contentType","null","not testable with Assertion Tester","Form contentType application/json" @@ -45,20 +45,20 @@ "td-security-no-extras","null","not testable with Assertion Tester","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description." "td-security-no-secrets","null","not testable with Assertion Tester","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms." "td-vocabulary-defaults","null","not testable with Assertion Tester","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions." -"privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing." -"privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority." -"privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." -"privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." -"privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." -"sec-body-name-json-pointer-type","null","not testable with Assertion Tester","." -"sec-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." -"security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." -"security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." -"security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." -"security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." -"security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts." -"security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." -"security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." +"td-privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing." +"td-privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority." +"td-privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." +"td-privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." +"td-privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." +"td-security-body-name-json-pointer-type","null","not testable with Assertion Tester","." +"td-security-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." +"td-security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." +"td-security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." +"td-security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." +"td-security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." +"td-security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts." +"td-security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." +"td-security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." "td-context-ns-td10-namespacev10","null","not testable with Assertion Tester","TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description]] specification." "td-default-AdditionalResponseContentType","null","not testable with Assertion Tester","AdditionalExpectedResponse contentType value of the contentType of the Form element it belongs to." "td-default-observable","null","not testable with Assertion Tester","PropertyAffordance observable false" @@ -67,10 +67,10 @@ "td-security-extension","null","not testable with Assertion Tester","Additional security schemes MUST be Subclasses of the Class SecurityScheme." "td-text-direction-first-strong","null","not testable with Assertion Tester","When metadata such as @direction is not present, TD Consumers SHOULD use [=first-strong detection=] as a fallback." "td-text-direction-language-tag","null","not testable with Assertion Tester","For the MultiLanguage Map, TD Consumers MAY infer the [=base direction=] from the language tag of the individual strings." -"thing-model-td-generation-processor-extends","null","not testable with Assertion Tester","If used" -"thing-model-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." -"thing-model-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." -"thing-model-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." +"tm-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with rel:tm:extends MUST be removed from the current Partial TD" +"tm-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." +"tm-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." +"tm-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." "tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model." "tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model." "tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions." diff --git a/packages/assertions/assertions-csv/old.csv b/packages/assertions/assertions-csv/old.csv index f44060784..0e35a353a 100644 --- a/packages/assertions/assertions-csv/old.csv +++ b/packages/assertions/assertions-csv/old.csv @@ -1,4 +1,5 @@ "ID","Status","Comment","Assertion" "td-security-oauth2-device-flow",,"not testable with Assertion Tester","For the device flow both authorization and token MUST be included." -"privacy-immutable-id-as-property",,"not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier." -"security-context-secure-fetch",,"not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given." \ No newline at end of file +"td-privacy-immutable-id-as-property",,"not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier." +"security-context-secure-fetch",,"not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given." +"ID",,"not testable with Assertion Tester","Assertion" \ No newline at end of file diff --git a/packages/assertions/assertions-csv/oldManual.csv b/packages/assertions/assertions-csv/oldManual.csv index 6330dbbf5..8bbdb06cd 100644 --- a/packages/assertions/assertions-csv/oldManual.csv +++ b/packages/assertions/assertions-csv/oldManual.csv @@ -1,85 +1,85 @@ -"ID","Status","Comment","Assertion" -"bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." -"bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." -"client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions." -"client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing." -"client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing." -"client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing." -"sec-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." -"server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." -"server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description." -"server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." -"td-context-default-language-direction-independence","null","not testable with Assertion Tester","However, when interpreting human-readable text, each human-readable string value MUST be processed independently." -"td-default-alg","null","not testable with Assertion Tester","BearerSecurityScheme alg ES256" -"td-default-contentType","null","not testable with Assertion Tester","Form contentType application/json" -"td-default-format","null","not testable with Assertion Tester","BearerSecurityScheme format jwt" -"td-default-http-method","null","not testable with Assertion Tester","When no method is indicated in a form representing an Protocol Binding based on HTTP, a Default Value MUST be assumed as shown in the following table." -"td-default-http-method_get","null","not testable with Assertion Tester","htv:methodName GET Form with operation type readproperty, readallproperties, readmultipleproperties" -"td-default-http-method_post","null","not testable with Assertion Tester","htv:methodName POST Form with operation type invokeaction" -"td-default-http-method_put","null","not testable with Assertion Tester","htv:methodName PUT Form with operation type writeproperty, writeallproperties, writemultipleproperties" -"td-default-idempotent","null","not testable with Assertion Tester","ActionAffordance idempotent false" -"td-default-in-apikey","null","not testable with Assertion Tester","APIKeySecurityScheme in query" -"td-default-in-basic","null","not testable with Assertion Tester","BasicSecurityScheme in header" -"td-default-in-bearer","null","not testable with Assertion Tester","BearerSecurityScheme in header" -"td-default-in-digest","null","not testable with Assertion Tester","DigestSecurityScheme in header" -"td-default-op-actions","null","not testable with Assertion Tester","Form op invokeaction If defined within an instance of ActionAffordance" -"td-default-op-events","null","not testable with Assertion Tester","Form op Array of string with the elements subscribeevent and unsubscribeevent If defined within an instance of EventAffordance" -"td-default-op-properties","null","not testable with Assertion Tester","Form op Array of string with the elements readproperty and writeproperty when readOnly and writeOnly are set to false or Array of string with the element readproperty when readOnly is set to true or Array of string with the element writeproperty when writeOnly is set to true. If defined within an instance of PropertyAffordance" -"td-default-qop","null","not testable with Assertion Tester","DigestSecurityScheme qop auth" -"td-default-readOnly","null","not testable with Assertion Tester","PropertyAffordance readOnly false The default value for this vocabulary term applies only to the PropertyAffordance level definition. In other contexts, such as DataSchema definitions, the vocabulary term is optional." -"td-default-safe","null","not testable with Assertion Tester","ActionAffordance safe false" -"td-default-success","null","not testable with Assertion Tester","AdditionalExpectedResponse success false" -"td-default-writeOnly","null","not testable with Assertion Tester","PropertyAffordance writeOnly false The default value for this vocabulary term applies only to the PropertyAffordance level definition. In other contexts, such as DataSchema definitions, the vocabulary term is optional." -"td-expectedResponse-default-contentType","null","not testable with Assertion Tester","If no response name-value pair is provided, it MUST be assumed that the content type of the response is equal to the content type assigned to the Form instance." -"td-form-protocolbindings","null","not testable with Assertion Tester","If required, form objects MAY be supplemented with protocol-specific Vocabulary Terms identified with a prefix." -"td-format-validation-other-values","null","not testable with Assertion Tester","When a value that is not found in the known set of values is assigned to format, such a validation SHOULD succeed." -"td-json-open","null","not testable with Assertion Tester","TDs MUST be serialized according to the requirements defined in Section 8.1 of RFC8259 [[!RFC8259]] for open ecosystems." -"td-json-open_accept-byte-order","null","not testable with Assertion Tester","TD Processors MAY ignore the presence of a byte order mark rather than treating it as an error." -"td-json-open_no-byte-order","null","not testable with Assertion Tester","Implementations MUST NOT add a byte order mark (U+FEFF) to the beginning of a TD document." -"td-ns-multilanguage-content-negotiation","null","not testable with Assertion Tester","In cases where the default language has been negotiated, an @language member MUST be present to indicate the result of the negotiation and the corresponding default language of the returned content." -"td-ns-multilanguage-content-negotiation-no-multi","null","not testable with Assertion Tester","When the default language has been negotiated successfully, TD documents SHOULD include the appropriate matching values for the members title and description in preference to MultiLanguage objects in titles and descriptions members." -"td-ns-multilanguage-content-negotiation-optional","null","not testable with Assertion Tester","Note however that Things MAY choose to not support such dynamically-generated TDs nor to support language negotiation (e.g., because of resource constraints)." -"td-processor-serialization","null","not testable with Assertion Tester","A TD Processor MUST be able to serialize Thing Descriptions into the JSON format [[!RFC8259]] and/or deserialize Thing Descriptions from that format, according to the rules noted in and ." -"td-security-binding","null","not testable with Assertion Tester","If a Thing requires a specific access mechanism for an interaction, that mechanism MUST be specified in the security configuration of the Thing Description." -"td-security-in-query-over-uri","null","not testable with Assertion Tester","The value uri SHOULD be specified for the name in in a security scheme only if query is not applicable." -"td-security-no-extras","null","not testable with Assertion Tester","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description." -"td-security-no-secrets","null","not testable with Assertion Tester","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms." -"td-vocabulary-defaults","null","not testable with Assertion Tester","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions." -"privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing." -"privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority." -"privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." -"privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier." -"privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." -"privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." -"sec-body-name-json-pointer-type","null","not testable with Assertion Tester","." -"sec-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." -"security-context-secure-fetch","null","not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given." -"security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." -"security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." -"security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." -"security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." -"security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts." -"security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." -"security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." -"td-context-ns-td10-namespacev10","null","not testable with Assertion Tester","TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description]] specification." -"td-default-AdditionalResponseContentType","null","not testable with Assertion Tester","AdditionalExpectedResponse contentType value of the contentType of the Form element it belongs to." -"td-default-observable","null","not testable with Assertion Tester","PropertyAffordance observable false" -"td-processor-bidi-isolation","null","not testable with Assertion Tester","TD Processors SHOULD take care to use bidi isolation when presenting strings to users, particularly when embedding in surrounding text (e.g., for Web user interface)" -"td-producer-mixed-direction","null","not testable with Assertion Tester","TD producers SHOULD attempt to provide mixed direction strings in a way that can be displayed successfully by a naive user agent." -"td-security-extension","null","not testable with Assertion Tester","Additional security schemes MUST be Subclasses of the Class SecurityScheme." -"td-text-direction-first-strong","null","not testable with Assertion Tester","When metadata such as @direction is not present, TD Consumers SHOULD use [=first-strong detection=] as a fallback." -"td-text-direction-language-tag","null","not testable with Assertion Tester","For the MultiLanguage Map, TD Consumers MAY infer the [=base direction=] from the language tag of the individual strings." -"thing-model-td-generation-processor-extends","null","not testable with Assertion Tester","If used" -"thing-model-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." -"thing-model-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." -"thing-model-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." -"tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model." -"tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model." -"tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions." -"tm-placeholder-replacement","null","not testable with Assertion Tester","The placeholder labeling MUST be substituted with a concrete value (e.g., as JSON number, JSON string, JSON object, etc) when TD instance is created from the Thing Model." -"tm-ref-recursive-extensions","null","not testable with Assertion Tester","Recursive extensions leading to an infinite loop MUST NOT be defined." -"tm-tmRef-overwrite-possibility","null","not testable with Assertion Tester","If the intention is to override an existing JSON name-value pair definition from tm:ref, the same JSON name MUST be used at the same level of the tm:ref declaration that provides a new value." -"tm-tmRef-overwrite-process","null","not testable with Assertion Tester","The process to overwrite MUST follow the JSON Merge Patch algorithm as defined in [RFC7396] where the content of the referenced definition is patched with the new provided JSON name-value pairs." -"tm-tmRef-overwrite-semantic-meaning","null","not testable with Assertion Tester","Similar to tm:extends and to keep the semantic meaning, definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin referenced definition." -"tm-tmRef2","null","not testable with Assertion Tester","Every time tm:ref is used, the referenced pre-definition and its dependencies (e.g., by context extension) MUST be assumed at the new defined definition." -"tm-versioning-1","null","not testable with Assertion Tester","When the Thing Model definitions change over time, this SHOULD be reflected in the version container." +"ID","Status","Comment","Assertion", +"td-bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member.", +"td-bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction.","" +"td-client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions.", +"td-client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing.", +"td-client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing.", +"td-client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing.", +"td-security-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer.", +"td-server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction.", +"td-server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description.", +"td-server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing.", +"td-context-default-language-direction-independence","null","not testable with Assertion Tester","However, when interpreting human-readable text, each human-readable string value MUST be processed independently.", +"td-default-alg","null","not testable with Assertion Tester","BearerSecurityScheme alg ES256", +"td-default-contentType","null","not testable with Assertion Tester","Form contentType application/json", +"td-default-format","null","not testable with Assertion Tester","BearerSecurityScheme format jwt", +"td-default-http-method","null","not testable with Assertion Tester","When no method is indicated in a form representing an Protocol Binding based on HTTP, a Default Value MUST be assumed as shown in the following table.", +"td-default-http-method_get","null","not testable with Assertion Tester","htv:methodName GET Form with operation type readproperty, readallproperties, readmultipleproperties", +"td-default-http-method_post","null","not testable with Assertion Tester","htv:methodName POST Form with operation type invokeaction", +"td-default-http-method_put","null","not testable with Assertion Tester","htv:methodName PUT Form with operation type writeproperty, writeallproperties, writemultipleproperties", +"td-default-idempotent","null","not testable with Assertion Tester","ActionAffordance idempotent false", +"td-default-in-apikey","null","not testable with Assertion Tester","APIKeySecurityScheme in query", +"td-default-in-basic","null","not testable with Assertion Tester","BasicSecurityScheme in header", +"td-default-in-bearer","null","not testable with Assertion Tester","BearerSecurityScheme in header", +"td-default-in-digest","null","not testable with Assertion Tester","DigestSecurityScheme in header", +"td-default-op-actions","null","not testable with Assertion Tester","Form op invokeaction If defined within an instance of ActionAffordance", +"td-default-op-events","null","not testable with Assertion Tester","Form op Array of string with the elements subscribeevent and unsubscribeevent If defined within an instance of EventAffordance", +"td-default-op-properties","null","not testable with Assertion Tester","Form op Array of string with the elements readproperty and writeproperty when readOnly and writeOnly are set to false or Array of string with the element readproperty when readOnly is set to true or Array of string with the element writeproperty when writeOnly is set to true. If defined within an instance of PropertyAffordance", +"td-default-qop","null","not testable with Assertion Tester","DigestSecurityScheme qop auth", +"td-default-readOnly","null","not testable with Assertion Tester","PropertyAffordance readOnly false The default value for this vocabulary term applies only to the PropertyAffordance level definition. In other contexts, such as DataSchema definitions, the vocabulary term is optional.", +"td-default-safe","null","not testable with Assertion Tester","ActionAffordance safe false", +"td-default-success","null","not testable with Assertion Tester","AdditionalExpectedResponse success false", +"td-default-writeOnly","null","not testable with Assertion Tester","PropertyAffordance writeOnly false The default value for this vocabulary term applies only to the PropertyAffordance level definition. In other contexts, such as DataSchema definitions, the vocabulary term is optional.", +"td-expectedResponse-default-contentType","null","not testable with Assertion Tester","If no response name-value pair is provided, it MUST be assumed that the content type of the response is equal to the content type assigned to the Form instance.", +"td-form-protocolbindings","null","not testable with Assertion Tester","If required, form objects MAY be supplemented with protocol-specific Vocabulary Terms identified with a prefix.", +"td-format-validation-other-values","null","not testable with Assertion Tester","When a value that is not found in the known set of values is assigned to format, such a validation SHOULD succeed.", +"td-json-open","null","not testable with Assertion Tester","TDs MUST be serialized according to the requirements defined in Section 8.1 of RFC8259 [[!RFC8259]] for open ecosystems.", +"td-json-open_accept-byte-order","null","not testable with Assertion Tester","TD Processors MAY ignore the presence of a byte order mark rather than treating it as an error.", +"td-json-open_no-byte-order","null","not testable with Assertion Tester","Implementations MUST NOT add a byte order mark (U+FEFF) to the beginning of a TD document.", +"td-ns-multilanguage-content-negotiation","null","not testable with Assertion Tester","In cases where the default language has been negotiated, an @language member MUST be present to indicate the result of the negotiation and the corresponding default language of the returned content.", +"td-ns-multilanguage-content-negotiation-no-multi","null","not testable with Assertion Tester","When the default language has been negotiated successfully, TD documents SHOULD include the appropriate matching values for the members title and description in preference to MultiLanguage objects in titles and descriptions members.", +"td-ns-multilanguage-content-negotiation-optional","null","not testable with Assertion Tester","Note however that Things MAY choose to not support such dynamically-generated TDs nor to support language negotiation (e.g., because of resource constraints).", +"td-processor-serialization","null","not testable with Assertion Tester","A TD Processor MUST be able to serialize Thing Descriptions into the JSON format [[!RFC8259]] and/or deserialize Thing Descriptions from that format, according to the rules noted in and .", +"td-security-binding","null","not testable with Assertion Tester","If a Thing requires a specific access mechanism for an interaction, that mechanism MUST be specified in the security configuration of the Thing Description.", +"td-security-in-query-over-uri","null","not testable with Assertion Tester","The value uri SHOULD be specified for the name in in a security scheme only if query is not applicable.", +"td-security-no-extras","null","not testable with Assertion Tester","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description.", +"td-security-no-secrets","null","not testable with Assertion Tester","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms.", +"td-vocabulary-defaults","null","not testable with Assertion Tester","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions.", +"td-privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing.", +"td-privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority.", +"td-privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD.", +"td-privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier.", +"td-privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary.", +"td-privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself.", +"td-security-body-name-json-pointer-type","null","not testable with Assertion Tester","The element referenced (or created) by a body security information location MUST be required and of type ""string"".", +"td-security-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings.", +"security-context-secure-fetch","null","not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given.", +"td-security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing.", +"td-security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels.", +"td-security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed.", +"td-security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access.", +"td-security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts.", +"td-security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated.", +"td-security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process.", +"td-context-ns-td10-namespacev10","null","not testable with Assertion Tester","TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description]] specification.", +"td-default-AdditionalResponseContentType","null","not testable with Assertion Tester","AdditionalExpectedResponse contentType value of the contentType of the Form element it belongs to.", +"td-default-observable","null","not testable with Assertion Tester","PropertyAffordance observable false", +"td-processor-bidi-isolation","null","not testable with Assertion Tester","TD Processors SHOULD take care to use bidi isolation when presenting strings to users, particularly when embedding in surrounding text (e.g., for Web user interface)", +"td-producer-mixed-direction","null","not testable with Assertion Tester","TD producers SHOULD attempt to provide mixed direction strings in a way that can be displayed successfully by a naive user agent.", +"td-security-extension","null","not testable with Assertion Tester","Additional security schemes MUST be Subclasses of the Class SecurityScheme.", +"td-text-direction-first-strong","null","not testable with Assertion Tester","When metadata such as @direction is not present, TD Consumers SHOULD use [=first-strong detection=] as a fallback.", +"td-text-direction-language-tag","null","not testable with Assertion Tester","For the MultiLanguage Map, TD Consumers MAY infer the [=base direction=] from the language tag of the individual strings.", +"tm-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with rel:tm:extends MUST be removed from the current Partial TD", +"tm-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or .", +"tm-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD.", +"tm-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance.", +"tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model.", +"tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model.", +"tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions.", +"tm-placeholder-replacement","null","not testable with Assertion Tester","The placeholder labeling MUST be substituted with a concrete value (e.g., as JSON number, JSON string, JSON object, etc) when TD instance is created from the Thing Model.", +"tm-ref-recursive-extensions","null","not testable with Assertion Tester","Recursive extensions leading to an infinite loop MUST NOT be defined.", +"tm-tmRef-overwrite-possibility","null","not testable with Assertion Tester","If the intention is to override an existing JSON name-value pair definition from tm:ref, the same JSON name MUST be used at the same level of the tm:ref declaration that provides a new value.", +"tm-tmRef-overwrite-process","null","not testable with Assertion Tester","The process to overwrite MUST follow the JSON Merge Patch algorithm as defined in [RFC7396] where the content of the referenced definition is patched with the new provided JSON name-value pairs.", +"tm-tmRef-overwrite-semantic-meaning","null","not testable with Assertion Tester","Similar to tm:extends and to keep the semantic meaning, definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin referenced definition.", +"tm-tmRef2","null","not testable with Assertion Tester","Every time tm:ref is used, the referenced pre-definition and its dependencies (e.g., by context extension) MUST be assumed at the new defined definition.", +"tm-versioning-1","null","not testable with Assertion Tester","When the Thing Model definitions change over time, this SHOULD be reflected in the version container.", diff --git a/packages/assertions/assertions-csv/report.json b/packages/assertions/assertions-csv/report.json index c8120e338..4a19c3cdc 100644 --- a/packages/assertions/assertions-csv/report.json +++ b/packages/assertions/assertions-csv/report.json @@ -1 +1 @@ -{"generationDate":"Sun, 08 Oct 2023 06:53:07 GMT","assertionsSize":451,"implementedSize":372,"manualSize":82,"oldSize":3,"needsReviewSize":0} \ No newline at end of file +{"generationDate":"Thu, 29 Feb 2024 13:51:52 GMT","assertionsSize":451,"implementedSize":372,"manualSize":82,"oldSize":4,"needsReviewSize":0} \ No newline at end of file