Merge pull request #246 from secvisogram/196-csaf-2.1_optional_test_6.2.22

feat: add optional test 6.2.22

Author: christopher-exx

csaf_2_1/optionalTests.js

@@ -19,3 +19,4 @@ export {
   optionalTest_6_2_20,
 } from '../optionalTests.js'
 export { optionalTest_6_2_3 } from './optionalTests/optionalTest_6_2_3.js'
+export { optionalTest_6_2_22 } from './optionalTests/optionalTest_6_2_22.js'

csaf_2_1/optionalTests/optionalTest_6_2_22.js

@@ -0,0 +1,47 @@
+import Ajv from 'ajv/dist/jtd.js'
+
+const ajv = new Ajv()
+
+const inputSchema = /** @type {const} */ ({
+  additionalProperties: true,
+  properties: {
+    document: {
+      additionalProperties: true,
+      properties: {
+        title: { type: 'string' },
+        tracking: {
+          additionalProperties: true,
+          properties: {
+            id: { type: 'string' },
+          },
+        },
+      },
+    },
+  },
+})
+
+const validate = ajv.compile(inputSchema)
+
+/**
+ * @param {any} doc
+ */
+export function optionalTest_6_2_22(doc) {
+  /** @type {Array<{ message: string; instancePath: string }>} */
+  const warnings = []
+  const context = { warnings }
+
+  if (!validate(doc)) {
+    return context
+  }
+
+  const trackingId = doc.document.tracking.id
+  const documentTitle = doc.document.title
+  if (documentTitle.includes(trackingId)) {
+    context.warnings.push({
+      message: `document title contains the tracking id ${trackingId}`,
+      instancePath: `/document/title`,
+    })
+  }
+
+  return context
+}

tests/csaf_2_1/oasis.js

@@ -38,7 +38,6 @@ const excluded = [
   '6.2.11',
   '6.2.19',
   '6.2.21',
-  '6.2.22',
   '6.2.23',
   '6.2.24',
   '6.2.25',

tests/csaf_2_1/optionalTest_6_2_22.js

@@ -0,0 +1,11 @@
+import assert from 'node:assert'
+import { optionalTest_6_2_22 } from '../../csaf_2_1/optionalTests.js'
+
+describe('optionalTest_6_2_22', function () {
+  it('only runs on relevant documents', function () {
+    assert.equal(
+      optionalTest_6_2_22({ vulnerabilities: 'mydoc' }).warnings.length,
+      0
+    )
+  })
+})