Skip to content

Commit

Permalink
PURLs
Browse files Browse the repository at this point in the history 
- addresses parts of oasis-tcs#774, oasis-tcs#781, oasis-tcs#341
- improve wording of 6.1.42
- move tests to testfiles
- add invalid examples
- add valid examples
- adapt test schema
  • Loading branch information
@tschmidtb51
tschmidtb51 committed Jan 13, 2025
1 parent 8a4229c commit f221842
Show file tree
Hide file tree
Showing 7 changed files with 263 additions and 24 deletions.
27 changes: 4 additions & 23 deletions csaf_2.1/prose/edit/src/tests-01-mndtr-42-purl-qualifiers.md
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
### PURL Qualifiers

It MUST be tested that when multiple purls are used in a single `product_identification_helper` object, they only
differ in their qualifiers.
For each `product_identification_helper` object containing multiple purls it MUST be tested that the purls only differ in their qualifiers.

The relevant paths for this test are:

Expand All @@ -21,31 +20,13 @@ The relevant paths for this test are:
"product_id": "CSAFPID-9080700",
"product_identification_helper": {
"purls": [
"pkg:maven/org.example.blue/logging@1.3.4",
"pkg:maven/org.example.blue/audit@1.3.4"
"pkg:maven/com.example/logging@1.3.4",
"pkg:maven/com.example/audit@1.3.4"
]
}
}
]
}
```
> The two purls differ in the name component.
*Example 2 (which passes the test):*

```
"product_tree": {
"full_product_names": [
{
"name": "Product A",
"product_id": "CSAFPID-9080700",
"product_identification_helper": {
"purls": [
"pkg:maven/org.example.blue/logging@1.3.4?repository_url=https://registry.example.org",
"pkg:maven/org.example.blue/logging@1.3.4?repository_url=https://index.example.org"
]
}
}
]
}
```
> The two purls differ in the name component.
46 changes: 46 additions & 0 deletions csaf_2.1/test/validator/data/mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-42-01.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
{
"$schema": "https://docs.oasis-open.org/csaf/csaf/v2.1/csaf_json_schema.json",
"document": {
"category": "csaf_base",
"csaf_version": "2.1",
"distribution": {
"tlp": {
"label": "CLEAR"
}
},
"publisher": {
"category": "other",
"name": "OASIS CSAF TC",
"namespace": "https://csaf.io"
},
"title": "Mandatory test: PURL Qualifiers (failing example 1)",
"tracking": {
"current_release_date": "2024-01-24T10:00:00.000Z",
"id": "OASIS_CSAF_TC-CSAF_2.1-2024-6-1-42-01",
"initial_release_date": "2024-01-24T10:00:00.000Z",
"revision_history": [
{
"date": "2024-01-24T10:00:00.000Z",
"number": "1",
"summary": "Initial version."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"full_product_names": [
{
"name": "Product A",
"product_id": "CSAFPID-9080700",
"product_identification_helper": {
"purls": [
"pkg:maven/com.example/logging@1.3.4",
"pkg:maven/com.example/audit@1.3.4"
]
}
}
]
}
}
63 changes: 63 additions & 0 deletions csaf_2.1/test/validator/data/mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-42-02.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
{
"$schema": "https://docs.oasis-open.org/csaf/csaf/v2.1/csaf_json_schema.json",
"document": {
"category": "csaf_base",
"csaf_version": "2.1",
"distribution": {
"tlp": {
"label": "CLEAR"
}
},
"publisher": {
"category": "other",
"name": "OASIS CSAF TC",
"namespace": "https://csaf.io"
},
"title": "Mandatory test: PURL Qualifiers (failing example 2)",
"tracking": {
"current_release_date": "2024-01-24T10:00:00.000Z",
"id": "OASIS_CSAF_TC-CSAF_2.1-2024-6-1-42-02",
"initial_release_date": "2024-01-24T10:00:00.000Z",
"revision_history": [
{
"date": "2024-01-24T10:00:00.000Z",
"number": "1",
"summary": "Initial version."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"category": "vendor",
"name": "Example Company",
"branches": [
{
"category": "product_name",
"name": "Product A",
"branches": [
{
"category": "product_version",
"name": "1.3.4",
"product": {
"product_id": "CSAFPID-9080700",
"name": "Example Company Product A 1.3.4",
"product_identification_helper": {
"purls": [
"pkg:maven/com.example/product-A@1.3.4?repository_url=https://registry.example.com",
"pkg:maven/com.example/product-A@1.3.4?repository_url=https://index.example.com",
"pkg:maven/com.example/product-A?repository_url=https://index.example.com"
]
}
}
}
]
}
]
}
]
}
}
62 changes: 62 additions & 0 deletions csaf_2.1/test/validator/data/mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-42-11.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
{
"$schema": "https://docs.oasis-open.org/csaf/csaf/v2.1/csaf_json_schema.json",
"document": {
"category": "csaf_base",
"csaf_version": "2.1",
"distribution": {
"tlp": {
"label": "CLEAR"
}
},
"publisher": {
"category": "other",
"name": "OASIS CSAF TC",
"namespace": "https://csaf.io"
},
"title": "Mandatory test: PURL Qualifiers (valid example 1)",
"tracking": {
"current_release_date": "2024-01-24T10:00:00.000Z",
"id": "OASIS_CSAF_TC-CSAF_2.1-2024-6-1-42-11",
"initial_release_date": "2024-01-24T10:00:00.000Z",
"revision_history": [
{
"date": "2024-01-24T10:00:00.000Z",
"number": "1",
"summary": "Initial version."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"category": "vendor",
"name": "Example Company",
"branches": [
{
"category": "product_name",
"name": "Product A",
"branches": [
{
"category": "product_version",
"name": "1.3.4",
"product": {
"product_id": "CSAFPID-9080700",
"name": "Example Company Product A 1.3.4",
"product_identification_helper": {
"purls": [
"pkg:maven/com.example/product-A@1.3.4?repository_url=https://registry.example.com",
"pkg:maven/com.example/product-A@1.3.4?repository_url=https://index.example.com"
]
}
}
}
]
}
]
}
]
}
}
63 changes: 63 additions & 0 deletions csaf_2.1/test/validator/data/mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-42-12.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
{
"$schema": "https://docs.oasis-open.org/csaf/csaf/v2.1/csaf_json_schema.json",
"document": {
"category": "csaf_base",
"csaf_version": "2.1",
"distribution": {
"tlp": {
"label": "CLEAR"
}
},
"publisher": {
"category": "other",
"name": "OASIS CSAF TC",
"namespace": "https://csaf.io"
},
"title": "Mandatory test: PURL Qualifiers (valid example 2)",
"tracking": {
"current_release_date": "2024-01-24T10:00:00.000Z",
"id": "OASIS_CSAF_TC-CSAF_2.1-2024-6-1-42-12",
"initial_release_date": "2024-01-24T10:00:00.000Z",
"revision_history": [
{
"date": "2024-01-24T10:00:00.000Z",
"number": "1",
"summary": "Initial version."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"category": "vendor",
"name": "Example Company",
"branches": [
{
"category": "product_name",
"name": "Product A",
"branches": [
{
"category": "product_version",
"name": "1.3.4",
"product": {
"product_id": "CSAFPID-9080700",
"name": "Example Company Product A 1.3.4",
"product_identification_helper": {
"purls": [
"pkg:maven/com.example/product-A@1.3.4",
"pkg:maven/com.example/product-A@1.3.4?classifier=sources",
"pkg:maven/com.example/product-A@1.3.4?classifier=javadoc"
]
}
}
}
]
}
]
}
]
}
}
24 changes: 24 additions & 0 deletions csaf_2.1/test/validator/data/testcases.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1254,6 +1254,30 @@
}
]
},
{
"id": "6.1.42",
"group": "mandatory",
"failures": [
{
"name": "mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-42-01.json",
"valid": false
},
{
"name": "mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-42-02.json",
"valid": false
}
],
"valid": [
{
"name": "mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-42-11.json",
"valid": true
},
{
"name": "mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-42-12.json",
"valid": true
}
]
},
{
"id": "6.2.1",
"group": "optional",
Expand Down
2 changes: 1 addition & 1 deletion csaf_2.1/test/validator/testcases_json_schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@
"title": "Number of the test",
"description": "Contains the section number of the test in the specification.",
"type": "string",
"pattern": "^6\\.(([1-3]\\.[1-9])|(1\\.10)|([12]\\.1[1-9])|(3\\.1[0-2])|([12]\\.2[0-6])|(2\\.27)|([12]\\.2[8-9])|(1\\.27\\.([1-9]|10|11))|(1\\.3[0-9])|(2\\.30)|(1\\.4[0-1]))$"
"pattern": "^6\\.(([1-3]\\.[1-9])|(1\\.10)|([12]\\.1[1-9])|(3\\.1[0-2])|([12]\\.2[0-6])|(2\\.27)|([12]\\.2[8-9])|(1\\.27\\.([1-9]|10|11))|(1\\.3[0-9])|(2\\.30)|(1\\.4[0-2]))$"
},
"valid": {
"title": "List of valid examples",
Expand Down

0 comments on commit f221842

Please sign in to comment.