Skip to content

Commit

Permalink
Fixed broken keys.
Browse files Browse the repository at this point in the history
Updated JSON schema validation github workflow.
  • Loading branch information
david-waltermire committed Sep 3, 2021
1 parent 8fb82e7 commit 19475fd
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 83 deletions.
9 changes: 8 additions & 1 deletion .github/workflows/validate-schema.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,9 @@ on:
workflow_dispatch:
branches:
- master
env:
CVE_SCHEMA_DIR: schema/v5.0
CVE_SCHEMA_FILENAME: CVE_JSON_5.0.schema
jobs:
verify-json-validation:
runs-on: ubuntu-latest
Expand All @@ -16,6 +19,10 @@ jobs:
- name: Install NPM dependencies (i.e., ajv)
run: |
sudo npm install --loglevel verbose -g yargs ajv-formats@"^1.5.x" ajv-cli@"^4.0.x"
# Rename the schema, since AJV doesn't like non-".json" extensions
- name: Rename schema for AJV
run: |
cp "${CVE_SCHEMA_DIR}/${CVE_SCHEMA_FILENAME}" "${CVE_SCHEMA_DIR}/cve-schema.json"
- name: Validate JSON schema
run: |
ajv compile -c ajv-formats -s schema/v5.0/CVE_JSON_5.0.schema
ajv compile -c ajv-formats -s "${CVE_SCHEMA_DIR}/cve-schema.json"
85 changes: 3 additions & 82 deletions schema/v5.0/CVE_JSON_5.0.schema
Original file line number Diff line number Diff line change
Expand Up @@ -1032,7 +1032,7 @@
"taxonomyMappings": {
"type": "array",
"description": "List of taxonomy items related to the vulnerability",
"minitems": 1,
"minItems": 1,
"uniqueItems": true,
"items": {
"type": "object",
Expand All @@ -1057,7 +1057,7 @@
"taxonomyRelations": {
"type": "array",
"description": "",
"minitems": 1,
"minItems": 1,
"uniqueItems": true,
"items": {
"type": "object",
Expand Down Expand Up @@ -1130,84 +1130,5 @@
]
}
}
},
"oneOf": [

This comment has been minimized.

Copy link
@chandanbn

chandanbn Sep 9, 2021

Collaborator

Looks like this was inadvertently deleted. Needs to be introduced back.

{
"title": "Published",
"description": "When a CNA populates the data associated with a CVE ID as a CVE Record, the state of the CVE Record is Published.",
"properties": {
"dataType": {
"$ref": "#/definitions/dataType"
},
"dataVersion": {
"$ref": "#/definitions/dataVersion"
},
"cveMetadata": {
"$ref": "#/definitions/cveMetadataPublished"
},
"containers": {
"$ref": "#/definitions/containers"
}
},
"required": [
"dataType",
"dataVersion",
"cveMetadata",
"containers"
],
"additionalProperties": false
},
{
"title": "Reserved",
"description": "The initial state for a CVE Record; when the associated CVE ID is Reserved by a CNA.",
"properties": {
"dataType": {
"$ref": "#/definitions/dataType"
},
"dataVersion": {
"$ref": "#/definitions/dataVersion"
},
"cveMetadata": {
"$ref": "#/definitions/cveMetadataReserved"
},
"descriptions": {
"$ref": "#/definitions/descriptions"
}
},
"required": [
"dataType",
"dataVersion",
"cveMetadata"
],
"additionalProperties": false
},
{
"title": "Rejected",
"description": "If the CVE ID and associated CVE Record should no longer be used, the CVE Record is placed in the Rejected state. A Rejected CVE Record remains on the CVE List so that users can know when it is invalid.",
"properties": {
"dataType": {
"$ref": "#/definitions/dataType"
},
"dataVersion": {
"$ref": "#/definitions/dataVersion"
},
"cveMetadata": {
"$ref": "#/definitions/cveMetadataRejected"
},
"descriptions": {
"$ref": "#/definitions/descriptions"
},
"replacedBy": {
"$ref": "#/definitions/replacedBy"
}
},
"required": [
"dataType",
"dataVersion",
"cveMetadata",
"description"
],
"additionalProperties": false
}
]
}
}

0 comments on commit 19475fd

Please sign in to comment.