Provide an expected failure "code" or "message" in testcases.json

[oxisto]

This is a follow-up to the discussion in https://github.com/csaf-sbom/kotlin-csaf/issues/80#issuecomment-2448675774. We make use of the TC test cases JSONs in testing the validation tests in kotlin-csaf. While exploring options to keep tests in sync with the TC, we came up with the idea whether it is possible to include an expected failure "message" in the testcases.json. This way we could align the error messages in our library with the official ones and we could query the testcases.json to automatically assert good and bad test cases even with the appropriate error.

Further discussion points

• Does it make sense to introduce some kind of official error codes for the validation?
• Should it be mandatory for CSAF libraries to use these error codes or messages

This would make developing compliant CSAF libraries much more easier, sort of like a Technology Compatibility Kit.

[tschmidtb51]

We need to take into consideration, what is already existing, e.g. the codes used by the csaf-validator-lib.

The instancePath is crucial as it provides the opportunity for viewers and editors to highlight it message in the right place.