From aa2d5d9a4321964f91d6dde64c9ec77f366c8ca1 Mon Sep 17 00:00:00 2001 From: Ege Korkan Date: Thu, 29 Feb 2024 12:47:29 +0100 Subject: [PATCH] apply id changes for assertions --- packages/assertions/assertions-td/manual.csv | 50 +++++++++---------- ...s.json => td-privacy-distributed-ids.json} | 4 +- ...ecurity-body-name-json-pointer-array.json} | 4 +- ...> td-security-body-name-json-pointer.json} | 4 +- .../td-vocab-scheme--SecurityScheme_auto.json | 2 +- packages/assertions/assertions-tm/manual.csv | 8 +-- packages/core/shared.js | 6 +-- 7 files changed, 39 insertions(+), 39 deletions(-) rename packages/assertions/assertions-td/{privacy-distributed-ids.json => td-privacy-distributed-ids.json} (85%) rename packages/assertions/assertions-td/{sec-body-name-json-pointer-array.json => td-security-body-name-json-pointer-array.json} (91%) rename packages/assertions/assertions-td/{sec-body-name-json-pointer.json => td-security-body-name-json-pointer.json} (92%) diff --git a/packages/assertions/assertions-td/manual.csv b/packages/assertions/assertions-td/manual.csv index 80b861fac..b7dca748e 100644 --- a/packages/assertions/assertions-td/manual.csv +++ b/packages/assertions/assertions-td/manual.csv @@ -1,14 +1,14 @@ "ID","Status","Comment","Assertion", -"bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member.", -"bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction.","" -"client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions.", -"client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing.", -"client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing.", -"client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing.", -"sec-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer.", -"server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction.", -"server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description.", -"server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing.", +"td-bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member.", +"td-bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction.","" +"td-client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions.", +"td-client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing.", +"td-client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing.", +"td-client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing.", +"td-security-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer.", +"td-server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction.", +"td-server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description.", +"td-server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing.", "td-context-default-language-direction-independence","null","not testable with Assertion Tester","However, when interpreting human-readable text, each human-readable string value MUST be processed independently.", "td-default-alg","null","not testable with Assertion Tester","BearerSecurityScheme alg ES256", "td-default-contentType","null","not testable with Assertion Tester","Form contentType application/json", @@ -45,22 +45,22 @@ "td-security-no-extras","null","not testable with Assertion Tester","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description.", "td-security-no-secrets","null","not testable with Assertion Tester","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms.", "td-vocabulary-defaults","null","not testable with Assertion Tester","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions.", -"privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing.", -"privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority.", -"privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD.", -"privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier.", -"privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary.", -"privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself.", -"sec-body-name-json-pointer-type","null","not testable with Assertion Tester","The element referenced (or created) by a body security information location MUST be required and of type ""string"".", -"sec-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings.", +"td-privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing.", +"td-privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority.", +"td-privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD.", +"td-privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier.", +"td-privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary.", +"td-privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself.", +"td-security-body-name-json-pointer-type","null","not testable with Assertion Tester","The element referenced (or created) by a body security information location MUST be required and of type ""string"".", +"td-security-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings.", "security-context-secure-fetch","null","not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given.", -"security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing.", -"security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels.", -"security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed.", -"security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access.", -"security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts.", -"security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated.", -"security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process.", +"td-security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing.", +"td-security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels.", +"td-security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed.", +"td-security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access.", +"td-security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts.", +"td-security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated.", +"td-security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process.", "td-context-ns-td10-namespacev10","null","not testable with Assertion Tester","TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description]] specification.", "td-default-AdditionalResponseContentType","null","not testable with Assertion Tester","AdditionalExpectedResponse contentType value of the contentType of the Form element it belongs to.", "td-default-observable","null","not testable with Assertion Tester","PropertyAffordance observable false", diff --git a/packages/assertions/assertions-td/privacy-distributed-ids.json b/packages/assertions/assertions-td/td-privacy-distributed-ids.json similarity index 85% rename from packages/assertions/assertions-td/privacy-distributed-ids.json rename to packages/assertions/assertions-td/td-privacy-distributed-ids.json index e0da98feb..40ba5eda9 100644 --- a/packages/assertions/assertions-td/privacy-distributed-ids.json +++ b/packages/assertions/assertions-td/td-privacy-distributed-ids.json @@ -1,9 +1,9 @@ { - "title": "privacy-distributed-ids", + "title": "td-privacy-distributed-ids", "description": "TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness.", "$schema": "http://json-schema.org/draft-07/schema#", "is-complex": false, - "also": ["privacy-id-metadata"], + "also": ["td-privacy-id-metadata"], "type": "object", "properties": { "id": { diff --git a/packages/assertions/assertions-td/sec-body-name-json-pointer-array.json b/packages/assertions/assertions-td/td-security-body-name-json-pointer-array.json similarity index 91% rename from packages/assertions/assertions-td/sec-body-name-json-pointer-array.json rename to packages/assertions/assertions-td/td-security-body-name-json-pointer-array.json index beb2c6833..9bdec1a80 100644 --- a/packages/assertions/assertions-td/sec-body-name-json-pointer-array.json +++ b/packages/assertions/assertions-td/td-security-body-name-json-pointer-array.json @@ -1,5 +1,5 @@ { - "title": "sec-body-name-json-pointer-array", + "title": "td-security-body-name-json-pointer-array", "description": "The JSON pointer used in the body locator MAY use the - character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array", "$schema": "http://json-schema.org/draft-07/schema#", "is-complex": true, @@ -36,7 +36,7 @@ "required": ["in", "scheme", "name"] }, "then": { - "const": "sec-body-name-json-pointer-array=pass" + "const": "td-security-body-name-json-pointer-array=pass" } } } diff --git a/packages/assertions/assertions-td/sec-body-name-json-pointer.json b/packages/assertions/assertions-td/td-security-body-name-json-pointer.json similarity index 92% rename from packages/assertions/assertions-td/sec-body-name-json-pointer.json rename to packages/assertions/assertions-td/td-security-body-name-json-pointer.json index 2b6cd5750..8055a7b8d 100644 --- a/packages/assertions/assertions-td/sec-body-name-json-pointer.json +++ b/packages/assertions/assertions-td/td-security-body-name-json-pointer.json @@ -1,5 +1,5 @@ { - "title": "sec-body-name-json-pointer", + "title": "td-security-body-name-json-pointer", "description": "When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with.", "$schema": "http://json-schema.org/draft-07/schema#", "is-complex": true, @@ -36,7 +36,7 @@ "required": ["in", "scheme", "name"] }, "then": { - "const": "sec-body-name-json-pointer=pass" + "const": "td-security-body-name-json-pointer=pass" } } } diff --git a/packages/assertions/assertions-td/td-vocab-scheme--SecurityScheme_auto.json b/packages/assertions/assertions-td/td-vocab-scheme--SecurityScheme_auto.json index 2f9a5d50c..64ceae505 100644 --- a/packages/assertions/assertions-td/td-vocab-scheme--SecurityScheme_auto.json +++ b/packages/assertions/assertions-td/td-vocab-scheme--SecurityScheme_auto.json @@ -3,7 +3,7 @@ "description": "scheme: Identification of security mechanism being configured. MUST be included. Type: string auto.", "$schema": "http://json-schema.org/draft-07/schema#", "is-complex": true, - "also": ["td-security-binding", "sec-vuln-auto", "sec-security-vocab-auto-in-no-name"], + "also": ["td-security-binding", "td-security-vuln-auto", "td-security-security-vocab-auto-in-no-name"], "type": "object", "properties": { "securityDefinitions": { diff --git a/packages/assertions/assertions-tm/manual.csv b/packages/assertions/assertions-tm/manual.csv index 75a0b7fb2..2a052849a 100644 --- a/packages/assertions/assertions-tm/manual.csv +++ b/packages/assertions/assertions-tm/manual.csv @@ -1,8 +1,8 @@ "ID","Status","Comment","Assertion" -"thing-model-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with ""rel"":""tm:extends"" MUST be removed from the current Partial TD" -"thing-model-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." -"thing-model-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." -"thing-model-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." +"tm-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with ""rel"":""tm:extends"" MUST be removed from the current Partial TD" +"tm-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." +"tm-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." +"tm-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." "tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model." "tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model." "tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions." diff --git a/packages/core/shared.js b/packages/core/shared.js index 6f460afae..b2f46042d 100644 --- a/packages/core/shared.js +++ b/packages/core/shared.js @@ -1093,8 +1093,8 @@ async function fetchLinkedTm(td) { * @param {object} td - TD to check */ async function checkLinkedAffordances(td) { - const ASSERTION_REQUIRED = "thing-model-td-generation-processor-type"; - const ASSERTION_OPTIONAL = "thing-model-td-generation-processor-optional"; + const ASSERTION_REQUIRED = "tm-td-generation-processor-type"; + const ASSERTION_OPTIONAL = "tm-td-generation-processor-optional"; const tmResult = await fetchLinkedTm(td); if (!tmResult.success) { @@ -1203,7 +1203,7 @@ async function checkLinkedAffordances(td) { * @param {object} td - TD to check */ async function checkLinkedStructure(td) { - const ASSERTION_NAME = "thing-model-td-generation-processor-imports"; + const ASSERTION_NAME = "tm-td-generation-processor-imports"; const tmResult = await fetchLinkedTm(td); if (!tmResult.success) {