Merge pull request #164 from secvisogram/chore/dependency-updates

Chore/dependency updates

Author: christopher-exx

backend/package-lock.json

@@ -311,17 +311,17 @@ The following tests are not yet implemented and therefore missing:
 
 **Mandatory Tests**
 
+- Mandatory Test 6.1.6
 - Mandatory Test 6.1.14
 - Mandatory Test 6.1.16
+- Mandatory Test 6.1.26
 - Mandatory Test 6.1.27.12
 - Mandatory Test 6.1.27.13
-- Mandatory Test 6.1.27.14
 - Mandatory Test 6.1.27.15
 - Mandatory Test 6.1.27.16
 - Mandatory Test 6.1.27.17
 - Mandatory Test 6.1.27.18
 - Mandatory Test 6.1.27.19
-- Mandatory Test 6.1.36
 - Mandatory Test 6.1.42
 - Mandatory Test 6.1.43
 - Mandatory Test 6.1.44
@@ -339,32 +339,34 @@ The following tests are not yet implemented and therefore missing:
 
 **Recommended Tests**
 
-- Recommeded Test 6.2.21
-- Recommeded Test 6.2.22
-- Recommeded Test 6.2.23
-- Recommeded Test 6.2.24
-- Recommeded Test 6.2.25
-- Recommeded Test 6.2.26
-- Recommeded Test 6.2.27
-- Recommeded Test 6.2.28
-- Recommeded Test 6.2.29
-- Recommeded Test 6.2.30
-- Recommeded Test 6.2.31
-- Recommeded Test 6.2.32
-- Recommeded Test 6.2.33
-- Recommeded Test 6.2.34
-- Recommeded Test 6.2.35
-- Recommeded Test 6.2.36
-- Recommeded Test 6.2.37
-- Recommeded Test 6.2.38
-- Recommeded Test 6.2.39
-- Recommeded Test 6.2.40
-- Recommeded Test 6.2.41
-- Recommeded Test 6.2.42
-- Recommeded Test 6.2.43
-- Recommeded Test 6.2.44
-- Recommeded Test 6.2.45
-- Recommeded Test 6.2.46
+- Recommended Test 6.2.11
+- Recommended Test 6.2.19
+- Recommended Test 6.2.20
+- Recommended Test 6.2.21
+- Recommended Test 6.2.23
+- Recommended Test 6.2.24
+- Recommended Test 6.2.25
+- Recommended Test 6.2.26
+- Recommended Test 6.2.27
+- Recommended Test 6.2.28
+- Recommended Test 6.2.29
+- Recommended Test 6.2.30
+- Recommended Test 6.2.31
+- Recommended Test 6.2.32
+- Recommended Test 6.2.33
+- Recommended Test 6.2.34
+- Recommended Test 6.2.35
+- Recommended Test 6.2.36
+- Recommended Test 6.2.37
+- Recommended Test 6.2.38
+- Recommended Test 6.2.39
+- Recommended Test 6.2.40
+- Recommended Test 6.2.41
+- Recommended Test 6.2.42
+- Recommended Test 6.2.43
+- Recommended Test 6.2.44
+- Recommended Test 6.2.45
+- Recommended Test 6.2.46
 
 **Informative Tests**
 
@@ -392,7 +394,6 @@ export const mandatoryTest_6_1_2: DocumentTest
 export const mandatoryTest_6_1_3: DocumentTest
 export const mandatoryTest_6_1_4: DocumentTest
 export const mandatoryTest_6_1_5: DocumentTest
-export const mandatoryTest_6_1_6: DocumentTest
 export const mandatoryTest_6_1_7: DocumentTest
 export const mandatoryTest_6_1_8: DocumentTest
 export const mandatoryTest_6_1_9: DocumentTest
@@ -410,7 +411,6 @@ export const mandatoryTest_6_1_22: DocumentTest
 export const mandatoryTest_6_1_23: DocumentTest
 export const mandatoryTest_6_1_24: DocumentTest
 export const mandatoryTest_6_1_25: DocumentTest
-export const mandatoryTest_6_1_26: DocumentTest
 export const mandatoryTest_6_1_27_1: DocumentTest
 export const mandatoryTest_6_1_27_2: DocumentTest
 export const mandatoryTest_6_1_27_3: DocumentTest
@@ -422,6 +422,7 @@ export const mandatoryTest_6_1_27_8: DocumentTest
 export const mandatoryTest_6_1_27_9: DocumentTest
 export const mandatoryTest_6_1_27_10: DocumentTest
 export const mandatoryTest_6_1_27_11: DocumentTest
+export const mandatoryTest_6_1_27_14: DocumentTest
 export const mandatoryTest_6_1_28: DocumentTest
 export const mandatoryTest_6_1_29: DocumentTest
 export const mandatoryTest_6_1_30: DocumentTest
@@ -430,6 +431,7 @@ export const mandatoryTest_6_1_32: DocumentTest
 export const mandatoryTest_6_1_33: DocumentTest
 export const mandatoryTest_6_1_34: DocumentTest
 export const mandatoryTest_6_1_35: DocumentTest
+export const mandatoryTest_6_1_36: DocumentTest
 export const mandatoryTest_6_1_37: DocumentTest
 export const mandatoryTest_6_1_38: DocumentTest
 export const mandatoryTest_6_1_39: DocumentTest
@@ -452,16 +454,13 @@ export const recommendedTest_6_2_7: DocumentTest
 export const recommendedTest_6_2_8: DocumentTest
 export const recommendedTest_6_2_9: DocumentTest
 export const recommendedTest_6_2_10: DocumentTest
-export const recommendedTest_6_2_11: DocumentTest
 export const recommendedTest_6_2_12: DocumentTest
 export const recommendedTest_6_2_13: DocumentTest
 export const recommendedTest_6_2_14: DocumentTest
 export const recommendedTest_6_2_15: DocumentTest
 export const recommendedTest_6_2_16: DocumentTest
 export const recommendedTest_6_2_17: DocumentTest
 export const recommendedTest_6_2_18: DocumentTest
-export const recommendedTest_6_2_19: DocumentTest
-export const recommendedTest_6_2_20: DocumentTest
 export const recommendedTest_6_2_22: DocumentTest
 ```
 

csaf-validator-lib/README.md

@@ -9,5 +9,5 @@ export {
   informativeTest_6_3_11,
 } from '../informativeTests.js'
 export { informativeTest_6_3_1 } from './informativeTests/informativeTest_6_3_1.js'
-export { informativeTest_6_3_4 } from './informativeTests/informativeTest_6_3_4.js'
 export { informativeTest_6_3_2 } from './informativeTests/informativeTest_6_3_2.js'
+export { informativeTest_6_3_4 } from './informativeTests/informativeTest_6_3_4.js'

csaf-validator-lib/csaf_2_1/informativeTests.js

@@ -37,12 +37,13 @@ export {
 export { mandatoryTest_6_1_1 } from './mandatoryTests/mandatoryTest_6_1_1.js'
 export { mandatoryTest_6_1_7 } from './mandatoryTests/mandatoryTest_6_1_7.js'
 export { mandatoryTest_6_1_8 } from './mandatoryTests/mandatoryTest_6_1_8.js'
+export { mandatoryTest_6_1_9 } from './mandatoryTests/mandatoryTest_6_1_9.js'
+export { mandatoryTest_6_1_10 } from './mandatoryTests/mandatoryTest_6_1_10.js'
 export { mandatoryTest_6_1_11 } from './mandatoryTests/mandatoryTest_6_1_11.js'
 export { mandatoryTest_6_1_13 } from './mandatoryTests/mandatoryTest_6_1_13.js'
-export { mandatoryTest_6_1_10 } from './mandatoryTests/mandatoryTest_6_1_10.js'
+export { mandatoryTest_6_1_27_14 } from './mandatoryTests/mandatoryTest_6_1_27_14.js'
 export { mandatoryTest_6_1_34 } from './mandatoryTests/mandatoryTest_6_1_34.js'
 export { mandatoryTest_6_1_35 } from './mandatoryTests/mandatoryTest_6_1_35.js'
-export { mandatoryTest_6_1_9 } from './mandatoryTests/mandatoryTest_6_1_9.js'
 export { mandatoryTest_6_1_36 } from './mandatoryTests/mandatoryTest_6_1_36.js'
 export { mandatoryTest_6_1_37 } from './mandatoryTests/mandatoryTest_6_1_37.js'
 export { mandatoryTest_6_1_38 } from './mandatoryTests/mandatoryTests_6_1_38.js'

csaf-validator-lib/csaf_2_1/mandatoryTests.js

@@ -0,0 +1,70 @@
+import Ajv from 'ajv/dist/jtd.js'
+
+const ajv = new Ajv()
+
+/*
+  This is the jtd schema that needs to match the input document so that the
+  test is activated. If this schema doesn't match it normally means that the input
+  document does not validate against the csaf json schema or optional fields that
+  the test checks are not present.
+ */
+const inputSchema = /** @type {const} */ ({
+  additionalProperties: true,
+  properties: {
+    document: {
+      additionalProperties: true,
+      properties: {
+        category: {
+          type: 'string',
+        },
+      },
+      optionalProperties: {
+        notes: {
+          elements: {
+            additionalProperties: true,
+            optionalProperties: {
+              category: {
+                type: 'string',
+              },
+            },
+          },
+        },
+      },
+    },
+  },
+})
+
+const validate = ajv.compile(inputSchema)
+
+/**
+ * This implements the mandatory test 6.1.27.14 of the CSAF 2.1 standard.
+ *
+ * @param {unknown} doc
+ */
+export function mandatoryTest_6_1_27_14(doc) {
+  /*
+    The `ctx` variable holds the state that is accumulated during the test ran and is
+    finally returned by the function.
+   */
+  const ctx = {
+    errors:
+      /** @type {Array<{ instancePath: string; message: string }>} */ ([]),
+    isValid: true,
+  }
+
+  if (
+    !validate(doc) ||
+    !['csaf_withdrawn', 'csaf_superseded'].includes(doc.document.category)
+  )
+    return ctx
+
+  if (!doc.document.notes?.find((n) => n.category === 'description')) {
+    ctx.isValid = false
+    ctx.errors.push({
+      instancePath: '/document/notes',
+      message: 'needs at least one note with the category "description"',
+    })
+  }
+
+  return ctx
+}

csaf-validator-lib/csaf_2_1/mandatoryTests/mandatoryTest_6_1_27_14.js

@@ -7,6 +7,14 @@
  */
 
 export { recommendedTest_6_2_1 } from './recommendedTests/recommendedTest_6_2_1.js'
+export { recommendedTest_6_2_2 } from './recommendedTests/recommendedTest_6_2_2.js'
+export { recommendedTest_6_2_3 } from './recommendedTests/recommendedTest_6_2_3.js'
+export { recommendedTest_6_2_4 } from './recommendedTests/recommendedTest_6_2_4.js'
+export { recommendedTest_6_2_5 } from './recommendedTests/recommendedTest_6_2_5.js'
+export { recommendedTest_6_2_6 } from './recommendedTests/recommendedTest_6_2_6.js'
+export { recommendedTest_6_2_7 } from './recommendedTests/recommendedTest_6_2_7.js'
+export { recommendedTest_6_2_8 } from './recommendedTests/recommendedTest_6_2_8.js'
+export { recommendedTest_6_2_9 } from './recommendedTests/recommendedTest_6_2_9.js'
 export { recommendedTest_6_2_10 } from './recommendedTests/recommendedTest_6_2_10.js'
 export { recommendedTest_6_2_11 } from './recommendedTests/recommendedTest_6_2_11.js'
 export { recommendedTest_6_2_12 } from './recommendedTests/recommendedTest_6_2_12.js'
@@ -17,15 +25,7 @@ export { recommendedTest_6_2_16 } from './recommendedTests/recommendedTest_6_2_1
 export { recommendedTest_6_2_17 } from './recommendedTests/recommendedTest_6_2_17.js'
 export { recommendedTest_6_2_18 } from './recommendedTests/recommendedTest_6_2_18.js'
 export { recommendedTest_6_2_19 } from './recommendedTests/recommendedTest_6_2_19.js'
-export { recommendedTest_6_2_2 } from './recommendedTests/recommendedTest_6_2_2.js'
 export { recommendedTest_6_2_20 } from './recommendedTests/recommendedTest_6_2_20.js'
-export { recommendedTest_6_2_4 } from './recommendedTests/recommendedTest_6_2_4.js'
-export { recommendedTest_6_2_5 } from './recommendedTests/recommendedTest_6_2_5.js'
-export { recommendedTest_6_2_6 } from './recommendedTests/recommendedTest_6_2_6.js'
-export { recommendedTest_6_2_7 } from './recommendedTests/recommendedTest_6_2_7.js'
-export { recommendedTest_6_2_8 } from './recommendedTests/recommendedTest_6_2_8.js'
-export { recommendedTest_6_2_9 } from './recommendedTests/recommendedTest_6_2_9.js'
-export { recommendedTest_6_2_3 } from './recommendedTests/recommendedTest_6_2_3.js'
 export { recommendedTest_6_2_22 } from './recommendedTests/recommendedTest_6_2_22.js'
 export { recommendedTest_6_2_27 } from './recommendedTests/recommendedTest_6_2_27.js'
 export { recommendedTest_6_2_28 } from './recommendedTests/recommendedTest_6_2_28.js'

csaf-validator-lib/csaf_2_1/recommendedTests.js

@@ -48,5 +48,5 @@
     "typescript": "^5.7.3",
     "xml2js": "^0.5.0"
   },
-  "version": "2.0.5"
+  "version": "2.0.6"
 }

csaf-validator-lib/package-lock.json

@@ -0,0 +1,24 @@
+import assert from 'node:assert/strict'
+import { mandatoryTest_6_1_27_14 } from '../../csaf_2_1/mandatoryTests/mandatoryTest_6_1_27_14.js'
+
+describe('mandatoryTest_6_1_27_14', function () {
+  it('only runs on documents matching the input schema', function () {
+    assert.equal(
+      mandatoryTest_6_1_27_14({
+        document: 'invalid json',
+      }).isValid,
+      true
+    )
+  })
+
+  it('only runs on csaf_withdrawn and csaf_superseded documents', function () {
+    assert.equal(
+      mandatoryTest_6_1_27_14({
+        document: {
+          category: 'unknown category',
+        },
+      }).isValid,
+      true
+    )
+  })
+})

csaf-validator-lib/package.json

@@ -20,7 +20,6 @@ const excluded = [
   '6.1.27.11',
   '6.1.27.12',
   '6.1.27.13',
-  '6.1.27.14',
   '6.1.27.15',
   '6.1.27.16',
   '6.1.27.17',
@@ -68,10 +67,10 @@ const excluded = [
   '6.2.44',
   '6.2.45',
   '6.2.46',
-  '6.3.14',
-  '6.3.15',
   '6.3.12',
   '6.3.13',
+  '6.3.14',
+  '6.3.15',
   '6.3.16',
   '6.3.17',
 ]