search

pboettch / json-schema-validator

JSON schema validator for JSON for Modern C++
Other
463 stars 133 forks source link

`pattern` regex is being ignored when validating a `date-time` formatted property #298

Closed tsarquis88 closed 6 months ago

tsarquis88 commented 6 months ago

Description

I have the following JSON schema, that defines a date-time object with a pattern:

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "title": "Test",
  "properties": {
    "date": {
      "$ref": "#/definitions/timestamp"
    }
  },
  "definitions": {
    "timestamp": {
      "type": "string",
      "format": "date-time",
      "pattern": "^(((2000|2400|2800|(19|2[0-9](0[48]|[2468][048]|[13579][26])))-02-29)|(((19|2[0-9])[0-9]{2})-02-(0[1-9]|1[0-9]|2[0-8]))|(((19|2[0-9])[0-9]{2})-(0[13578]|10|12)-(0[1-9]|[12][0-9]|3[01]))|(((19|2[0-9])[0-9]{2})-(0[469]|11)-(0[1-9]|[12][0-9]|30)))T(2[0-3]|[01][0-9]):([0-5][0-9]):([0-5][0-9])(\\.[0-9]+)?(Z|[+-][0-9]{2}:[0-9]{2})?$"
    }
  }
}

Note: Original schema from https://github.com/CVEProject/cve-schema/blob/master/schema/v5.0/docs/CVE_JSON_5.0_bundled.json

If I use this schema to validate the date:

{
    "date": "2022-10-11T00:00:00"
}

I got the following error:

% ./json-schema-validate schema.json < date.json  
ERROR: '/date' - '"2022-10-11T00:00:00"': format-checking failed: 2022-10-11T00:00:00 is not a date-time string according to RFC 3339.
schema validation failed

But using other validators (like jsonschemavalidator.net or pip's jsonschema) the date is validated successfully.

Examples ![image](https://github.com/pboettch/json-schema-validator/assets/42682247/0ab43431-b4c7-49e2-9bcd-2ef93d4c90db) ![image](https://github.com/pboettch/json-schema-validator/assets/42682247/6868ad71-0cc6-4c1e-813c-1ae7b7d2bac9)

Looking at your source code, it looks like date-time formatted object are being validated against a pre-defined regex, ignoring the one set under pattern. In fact, if I remove the "format": "date-time" property, the validation looks to be made against the regex under pattern.

Is this the expected behavior? If so, why there is a difference with the other validators?

Thanks in advance.

tsarquis88 commented 6 months ago

I would expect the following behavior:

pboettch commented 6 months ago

It seems the date-time-format-check is not working, that's it. The pattern will be checked additionally if the pattern is present in the schema.

The schema is "and"-combined. If one part of the schema fails, the instance is not valid.

pboettch commented 6 months ago 
"date": "2022-10-11T00:00:00"

Well, it seems, this is not a valid RFC3339 date, it is missing the UTC-time-offset or the 'Z' character?

The other validators are accepting date-time-format which are not conform with the standard required by the json-schema-standard:

image

tsarquis88 commented 6 months ago

Thanks for the quick answer @pboettch.

Understood, the date should be compliant with both regex.

Well, it seems, this is not a valid RFC3339 date, it is missing the UTC-time-offset or the 'Z' character?

Yes. Everything started with that Z.

As you're considering this not as a bug, I'll close the issue then.