OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

csaf message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: [OASIS Issue Tracker] (CSAF-44) JSON Schema overly prescriptive with propertyName restriction


Eric Johnson created CSAF-44:
--------------------------------

             Summary: JSON Schema overly prescriptive with propertyName restriction
                 Key: CSAF-44
                 URL: https://issues.oasis-open.org/browse/CSAF-44
             Project: OASIS Common Security Advisory Framework (CSAF) TC
          Issue Type: Improvement
            Reporter: Eric Johnson


The vulnerabilities array of the JSON CSAF schema defines a "propertyNames" restriction (which properties are allowed in a "vulnerability").

Suggest that we remove this restriction, since the goal of the JSON format is to allow for downstream clients to experiment with extensibility.

In practice, it turns out to be a small amount of code to programmatically add these kinds of restrictions. That is, it is easy to write code to read the schema file, enumerate all the properties of an object, and add propertyNames restrictions on all objects. Such a schema can then be used to ensure exact compliance with the specification - with no extra properties specified. It is therefore of limited value to build such constraints into the base specification.



--
This message was sent by Atlassian JIRA
(v7.7.2#77003)


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]