From 79ceffe805ce5d50d60e96d8ba5495630ffe2e05 Mon Sep 17 00:00:00 2001 From: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com> Date: Fri, 25 Oct 2024 21:23:39 +0200 Subject: [PATCH 1/4] Mandatory TLP 2.0 - addresses parts of oasis-tcs/csaf#633 - mark test 6.2.10 as obsolete and present reasoning - remove test files for 6.2.10 - adapt test schema and test data list --- csaf_2.1/prose/edit/src/tests-02-optional.md | 23 ++------------ ...oasis_csaf_tc-csaf_2_1-2024-6-2-10-01.json | 30 ------------------- csaf_2.1/test/validator/data/testcases.json | 10 ------- .../test/validator/testcases_json_schema.json | 2 +- 4 files changed, 4 insertions(+), 61 deletions(-) delete mode 100644 csaf_2.1/test/validator/data/optional/oasis_csaf_tc-csaf_2_1-2024-6-2-10-01.json diff --git a/csaf_2.1/prose/edit/src/tests-02-optional.md b/csaf_2.1/prose/edit/src/tests-02-optional.md index 623ee200..53aa294e 100644 --- a/csaf_2.1/prose/edit/src/tests-02-optional.md +++ b/csaf_2.1/prose/edit/src/tests-02-optional.md @@ -322,27 +322,10 @@ The relevant paths for this test are: > The hash algorithm `sha1` is used in one item of hashes without being accompanied by a second hash algorithm. -### Missing TLP label (deprecated){#missing-tlp-label} +### Missing TLP label (obsolete){#missing-tlp-label} -It MUST be tested that `/document/distribution/tlp/label` is present and valid. - -> TLP labels support the machine-readability and automated distribution. - -The relevant path for this test is: - -``` - /document/distribution/tlp/label -``` - -*Example 1 (which fails the test):* - -``` - "distribution": { - "text": "Distribute freely." - } -``` - -> The CSAF document has no TLP label. +> The TLP label is now mandatory. Therefore, the optional test is obsolete. +> This section is kept to avoid confusion and number changes. ### Missing Canonical URL diff --git a/csaf_2.1/test/validator/data/optional/oasis_csaf_tc-csaf_2_1-2024-6-2-10-01.json b/csaf_2.1/test/validator/data/optional/oasis_csaf_tc-csaf_2_1-2024-6-2-10-01.json deleted file mode 100644 index 59f90697..00000000 --- a/csaf_2.1/test/validator/data/optional/oasis_csaf_tc-csaf_2_1-2024-6-2-10-01.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "$schema": "https://docs.oasis-open.org/csaf/csaf/v2.1/csaf_json_schema.json", - "document": { - "category": "csaf_base", - "csaf_version": "2.1", - "distribution": { - "text": "Distribute freely." - }, - "publisher": { - "category": "other", - "name": "OASIS CSAF TC", - "namespace": "https://csaf.io" - }, - "title": "Optional test: Missing TLP label (failing example 1)", - "tracking": { - "current_release_date": "2024-01-24T10:00:00.000Z", - "id": "OASIS_CSAF_TC-CSAF_2.1-2024-6-2-10-01", - "initial_release_date": "2024-01-24T10:00:00.000Z", - "revision_history": [ - { - "date": "2024-01-24T10:00:00.000Z", - "number": "1", - "summary": "Initial version." - } - ], - "status": "final", - "version": "1" - } - } -} \ No newline at end of file diff --git a/csaf_2.1/test/validator/data/testcases.json b/csaf_2.1/test/validator/data/testcases.json index 4180ec2c..ce696ccf 100644 --- a/csaf_2.1/test/validator/data/testcases.json +++ b/csaf_2.1/test/validator/data/testcases.json @@ -1155,16 +1155,6 @@ } ] }, - { - "id": "6.2.10", - "group": "optional", - "failures": [ - { - "name": "optional/oasis_csaf_tc-csaf_2_1-2024-6-2-10-01.json", - "valid": true - } - ] - }, { "id": "6.2.11", "group": "optional", diff --git a/csaf_2.1/test/validator/testcases_json_schema.json b/csaf_2.1/test/validator/testcases_json_schema.json index ddb189a6..7cb82029 100644 --- a/csaf_2.1/test/validator/testcases_json_schema.json +++ b/csaf_2.1/test/validator/testcases_json_schema.json @@ -62,7 +62,7 @@ "title": "Number of the test", "description": "Contains the section number of the test in the specification.", "type": "string", - "pattern": "^6\\.(([1-3]\\.[1-9])|([12]\\.1[0-9])|(3\\.1[0-2])|([12]\\.2[0-6])|(1\\.2[8-9])|(1\\.27\\.([1-9]|10|11))|(1\\.3[0-4]))$" + "pattern": "^6\\.(([1-3]\\.[1-9])|(1\\.10)|([12]\\.1[1-9])|(3\\.1[0-2])|([12]\\.2[0-6])|(1\\.2[8-9])|(1\\.27\\.([1-9]|10|11))|(1\\.3[0-4]))$" }, "valid": { "title": "List of valid examples", From f169954c4384b7fcbdd1f94698abb68f943943e0 Mon Sep 17 00:00:00 2001 From: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com> Date: Fri, 25 Oct 2024 21:25:52 +0200 Subject: [PATCH 2/4] Mandatory TLP 2.0 - addresses parts of oasis-tcs/csaf#633 - clarify wording regarding required TLP --- csaf_2.1/prose/edit/src/tests-02-optional.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/csaf_2.1/prose/edit/src/tests-02-optional.md b/csaf_2.1/prose/edit/src/tests-02-optional.md index 53aa294e..934afb9d 100644 --- a/csaf_2.1/prose/edit/src/tests-02-optional.md +++ b/csaf_2.1/prose/edit/src/tests-02-optional.md @@ -324,7 +324,7 @@ The relevant paths for this test are: ### Missing TLP label (obsolete){#missing-tlp-label} -> The TLP label is now mandatory. Therefore, the optional test is obsolete. +> The TLP label is now mandatory and enforce by the schema. Therefore, the optional test is obsolete. > This section is kept to avoid confusion and number changes. ### Missing Canonical URL From a0386534b4da21d504614ff19db23580d3d58cd2 Mon Sep 17 00:00:00 2001 From: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com> Date: Fri, 25 Oct 2024 21:40:41 +0200 Subject: [PATCH 3/4] Mandatory TLP 2.0 - addresses parts of oasis-tcs/csaf#633 - clarify in the wording that it is required, not mandatory to avoid confusion with mandatory tests --- csaf_2.1/prose/edit/src/tests-02-optional.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/csaf_2.1/prose/edit/src/tests-02-optional.md b/csaf_2.1/prose/edit/src/tests-02-optional.md index 934afb9d..5aeb871b 100644 --- a/csaf_2.1/prose/edit/src/tests-02-optional.md +++ b/csaf_2.1/prose/edit/src/tests-02-optional.md @@ -324,7 +324,7 @@ The relevant paths for this test are: ### Missing TLP label (obsolete){#missing-tlp-label} -> The TLP label is now mandatory and enforce by the schema. Therefore, the optional test is obsolete. +> The TLP label is now required and enforce by the schema. Therefore, the optional test is obsolete. > This section is kept to avoid confusion and number changes. ### Missing Canonical URL From dd92a3c9fd621312662b088dfae51f3eb21311e7 Mon Sep 17 00:00:00 2001 From: Stefan Hagen Date: Fri, 25 Oct 2024 23:44:54 +0200 Subject: [PATCH 4/4] Review feedback - instead of fixing the wrong form of enforce removed the enforcement as the schema can only require (the validator may enforce). - calmed the waters even more by removing the word confusion and focusing on documentation and numbering of remaining sections --- csaf_2.1/prose/edit/src/tests-02-optional.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/csaf_2.1/prose/edit/src/tests-02-optional.md b/csaf_2.1/prose/edit/src/tests-02-optional.md index 5aeb871b..67d5f5cb 100644 --- a/csaf_2.1/prose/edit/src/tests-02-optional.md +++ b/csaf_2.1/prose/edit/src/tests-02-optional.md @@ -324,8 +324,8 @@ The relevant paths for this test are: ### Missing TLP label (obsolete){#missing-tlp-label} -> The TLP label is now required and enforce by the schema. Therefore, the optional test is obsolete. -> This section is kept to avoid confusion and number changes. +> The TLP label is now required by the schema. Therefore, the optional test is obsolete. +> This section is kept to document that change and keep the numbering of the remaining sections stable. ### Missing Canonical URL