search

oasis-tcs / csaf

OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secondary artifacts like meeting minutes and productivity code
https://github.com/oasis-tcs/csaf
Other
147 stars 39 forks source link

Rename CSAF properties from description to details #138

Closed sthagen closed 3 years ago

sthagen commented 4 years ago

JSON schema mechanics use description as meta information on the weaved in CSAF properties,

We have some same name properties in our CSAF language. One with at least 8 occrurences is description - which for itself is not very specific. Proposal is to replace these occurences to make the CSAF vs. JSON Schema terms separation more clear.

We have (triplets of TO_BE_REWORDED, title, description) currently:

// 1/8: ...
"description": {
    "title": "Description of the acknowledgment",
     "description": "SHOULD represent any contextual details the document producers wish to make known about the acknowledgment or acknowledged parties",
// 2/8: ...
"description": {
    "title": "Description of reference",
    "description": "Indicates what this reference refers to.",
// 3/8: ...
"description": {
    "title": "Description of the revision",
    "description": "Holds a single non-empty string representing a short description of the changes.",
// 4/8: ...
"description": {
    "title": "Description of the product group",
    "description": "Gives a short, optional description of the group.",
// 5/8: ...
"description": {
    "title": "Description of involvement",
    "description": "Contains additional context regarding what is going on.",
// 6/8: ...
"description": {
    "title": "Description of the remediation",
    "description": "Contains a thorough human-readable discussion of the remediation.",
// 7/8: ...
"description": {
    "title": "Additional restart information",
    "description": "Provides additional information for the restart. This can include details on procedures, scope or impact.",
// 8/8: ...
"description": {
    "title": "Description of the threat",
    "description": "Represents a thorough human-readable discussion of the threat.",

TLDR summary proposed changes in pseudo path notation

  1. /acknowledgment_t/description --> /acknowledgment_t/details
  2. /references_t/[]/description --> /references_t/[]/details
  3. /document/tracking/revision_history/[]/description --> /document/tracking/revision_history/[]/details
  4. /product_tree/product_groups/[]/description --> /product_tree/product_groups/[]/details
  5. /vulnerabilities/[]/description --> /vulnerabilities/[]/details
  6. /vulnerabilities/[]/remediations/description --> /vulnerabilities/[]/remediations/discussion
  7. /vulnerabilities/[]/remediations/restart_required/description --> /vulnerabilities/[]/remediations/restart_required/details
  8. /vulnerabilities/[]/threats/description --> /vulnerabilities/[]/threats/discussion

Detailed proposal to rename as follows (title and description maintained to ease comparison with above):

// 1/8: ...
"details": {
    "title": "Details of the acknowledgment",
     "description": "SHOULD represent any contextual details the document producers wish to make known about the acknowledgment or acknowledged parties",
// 2/8: ...
"details": {
    "title": "Details of the reference",
    "description": "Indicates what this reference refers to.",
// 3/8: ...
"details": {
    "title": "Details of the revision",
    "description": "Holds a single non-empty string representing a short description of the changes.",
// 4/8: ...
"details": {
    "title": "Details of the product group",
    "description": "Gives a short, optional description of the group.",
// 5/8: ...
"details": {
    "title": "Details of involvement",
    "description": "Contains additional context regarding what is going on.",
// 6/8: ...
"discussion": {
    "title": "Discussion of the remediation",
    "description": "Contains a thorough human-readable discussion of the remediation.",
// 7/8: ...
"details": {
    "title": "Additional restart information",
    "description": "Provides additional information for the restart. This can include details on procedures, scope or impact.",
// 8/8: ...
"discussion": {
    "title": "Discussion of the threat",
    "description": "Represents a thorough human-readable discussion of the threat.",
santosomar commented 4 years ago

Discussion of Oct 28th Meeting

/acknowledgment_t/description --> /acknowledgment_t/summary
/references_t/[]/description --> /references_t/[]/summary
/document/tracking/revision_history/[]/description --> /document/tracking/revision_history/[]/summary
/product_tree/product_groups/[]/description --> /product_tree/product_groups/[]/summary
/vulnerabilities/[]/involvements/[]/description --> /vulnerabilities/[]/involvements/[]/summary
/vulnerabilities/[]/remediations/description --> /vulnerabilities/[]/remediations/details
/vulnerabilities/[]/remediations/restart_required/description --> /vulnerabilities/[]/remediations/restart_required/details
/vulnerabilities/[]/threats/description --> /vulnerabilities/[]/threats/details