-
This is a follow-up to the discussion in https://github.com/csaf-sbom/kotlin-csaf/issues/80#issuecomment-2448675774. We make use of the TC test cases JSONs in testing the validation tests in kotlin-cs…
-
Currently, there are many different ways the json output is ordered in different tools (csaf-validator-lib, csaf-validator-service, csaf_validator).
-
Why do we use an AJV with `strict=false` for the schema validation? Shouldn't the `strict_schema` be checked with the strict option?
@domachine: Something to discuss in the meeting.
-
During a recent review of some data, i had to take a closer read to section 3.1.11.2 and more specifically, the RegEx string attached to it and the examples shared, for context:
[the direct link](htt…
-
`date` fields inside a secvisogram document require the RFC3999 format.
When an incorrect string is entered the JSON-Editor displays a warning, but the document is still considered valid.
![image](h…
-
I didn't check the code completely, so my question is: Would you detect new test file provided by the OASIS TC? And if so, please state how its done and evaluate whether/where that should be documente…
-
This is a bit tricky because we actually would need a list of CWE identifiers and they change over time. In the secvisogram there seems to be a static list of CWEs.
What is the expectation here @msc…
-
Running the validation for `csaf_2_0` and `csaf_2_0_strict`, I get the following error:
```
"csaf_2_0: must match pattern \"^(cpe:2\\.3:[aho\\*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-\\._]|(\\\\[\\\\\\*\…
ctron updated
4 months ago
-
The OASIS Open CSAF TC provides an implementation of a [CSAF full validator](https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#9116-conformance-clause-16-csaf-full-validator) as library …
-
Running the validation for `csaf_2_0` and `csaf_2_0_strict`, I get the following error:
```
"csaf_2_0: must match pattern \"^(cpe:2\\.3:[aho\\*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-\\._]|(\\\\[\\\\\\*\…
ctron updated
8 months ago