search

gocsaf / csaf

Tools to download or provide CSAF (Common Security Advisory Framework) documents.
https://csaf.io
42 stars 25 forks source link

Implement filename computation #325

Closed tschmidtb51 closed 1 year ago

tschmidtb51 commented 1 year ago

We should implement the filename computation based on the /document/tracking/id and use that to check whether the filename is correct. See also section 5.1.

Currently, we just check whether the filename contains invalid characters...

tschmidtb51 commented 1 year ago

Please see [section 5.1]() for instructions on how to implement it.

IMHO, there is also an import remark:

The regex [^+\-a-z0-9]+ can be used to find a character sequence which has to be replaced by an underscore. However, it SHALL NOT be applied before completing the first step.

Even though the underscore (0x5F) is a valid character in the filename it is replaced to avoid situations where the conversion rule might lead to multiple consecutive underscores. As a result, a /document/tracking/id with the value 2022#01-A is converted into 2022_01-a instead of 2022__01-a.

bernhard-herzog commented 1 year ago

I've started to implement this in the filename-id branch.

bernhardreiter commented 1 year ago

AFAIK done with #365.