From 7b1ce428f3673f3ae9356665cef4d5dfbd403ba5 Mon Sep 17 00:00:00 2001 From: rschneider <97682836+rainer-exxcellent@users.noreply.github.com> Date: Thu, 10 Jul 2025 07:36:21 +0200 Subject: [PATCH 1/5] feat(CSAF2.1): #403 add mandatory test 6.2.39.2 --- README.md | 1 + csaf_2_1/recommendedTests.js | 1 + .../recommendedTest_6_2_39_2.js | 153 ++++++++++++++++++ .../translations.js | 17 ++ tests/csaf_2_1/oasis.js | 1 - tests/csaf_2_1/recommendedTest_6_2_39_2.js | 39 +++++ 6 files changed, 211 insertions(+), 1 deletion(-) create mode 100644 csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js create mode 100644 lib/language_specific_translation/translations.js create mode 100644 tests/csaf_2_1/recommendedTest_6_2_39_2.js diff --git a/README.md b/README.md index 6f4f9297..94916d4a 100644 --- a/README.md +++ b/README.md @@ -461,6 +461,7 @@ export const recommendedTest_6_2_17: DocumentTest export const recommendedTest_6_2_18: DocumentTest export const recommendedTest_6_2_22: DocumentTest export const recommendedTest_6_2_23: DocumentTest +export const recommendedTest_6_2_39_2: DocumentTest ``` [(back to top)](#bsi-csaf-validator-lib) diff --git a/csaf_2_1/recommendedTests.js b/csaf_2_1/recommendedTests.js index a39c6673..10e165de 100644 --- a/csaf_2_1/recommendedTests.js +++ b/csaf_2_1/recommendedTests.js @@ -32,3 +32,4 @@ export { recommendedTest_6_2_27 } from './recommendedTests/recommendedTest_6_2_2 export { recommendedTest_6_2_28 } from './recommendedTests/recommendedTest_6_2_28.js' export { recommendedTest_6_2_29 } from './recommendedTests/recommendedTest_6_2_29.js' export { recommendedTest_6_2_38 } from './recommendedTests/recommendedTest_6_2_38.js' +export { recommendedTest_6_2_39_2 } from './recommendedTests/recommendedTest_6_2_39_2.js' diff --git a/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js b/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js new file mode 100644 index 00000000..d471d861 --- /dev/null +++ b/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js @@ -0,0 +1,153 @@ +import Ajv from 'ajv/dist/jtd.js' +import translations from '../../lib/language_specific_translation/translations.js' +import bcp47 from 'bcp47' + +const ajv = new Ajv() + +/* + This is the jtd schema that needs to match the input document so that the + test is activated. If this schema doesn't match it normally means that the input + document does not validate against the csaf json schema or optional fields that + the test checks are not present. + */ +const inputSchema = /** @type {const} */ ({ + additionalProperties: true, + properties: { + document: { + additionalProperties: true, + properties: { + category: { type: 'string' }, + }, + optionalProperties: { + lang: { + type: 'string', + }, + notes: { + elements: { + additionalProperties: true, + optionalProperties: { + category: { + type: 'string', + }, + title: { + type: 'string', + }, + }, + }, + }, + }, + }, + }, +}) + +const validateSchema = ajv.compile(inputSchema) + +/** + * Checks if the document language is specified and not English + * + * @param {string | undefined} language - The language expression to check + * @returns {boolean} True if the language is valid, false otherwise + */ +export function isLangSpecifiedAndNotEnglish(language) { + return ( + !!language && !(bcp47.parse(language)?.langtag.language.language === 'en') + ) +} + +/** + * test whether exactly one item in document notes exists that has the given title. + * and the given category. + * @param {({} & { category?: string | undefined; title?: string | undefined; } & Record)[]} notes + * @param {string} titleToFind + * @param {string} category + * @returns {boolean} True if the language is valid, false otherwise + */ +function containsOneNoteWithTitleAndCategory(notes, titleToFind, category) { + return ( + notes.filter( + (note) => note.category === category && note.title === titleToFind + ).length === 1 + ) +} + +/** + * Get the language specific translation of the given i18nKey + * @param {{ document: { lang?: string; }; }} doc + * @param {string} i18nKey + * @return {string | undefined} + */ +export function getTranslationInDocumentLang(doc, i18nKey) { + if (!doc.document.lang) { + return undefined + } + const language = bcp47.parse(doc.document.lang)?.langtag.language.language + + /** @type {Record>}*/ + const translationByLang = translations.translation + if (!language || !translationByLang[language]) { + return undefined + } else { + return translationByLang[language][i18nKey] + } +} + +/** + * If the document language is specified but not English, and the license_expression contains license + * identifiers or exceptions that are not listed in the SPDX license list or Aboutcode's "ScanCode LicenseDB", + * it MUST be tested that exactly one item in document notes exists that has the language specific translation + * of the term License as title. The category of this item MUST be legal_disclaimer. + * If no language-specific translation has been recorded, the test MUST be skipped + * and output information to the user that no such translation is known. + * + * @param {unknown} doc + */ +export function recommendedTest_6_2_39_2(doc) { + /* + The `ctx` variable holds the state that is accumulated during the test run and is + finally returned by the function. + */ + const ctx = { + warnings: + /** @type {Array<{ instancePath: string; message: string }>} */ ([]), + } + + const noteCategory = 'description' + + if (!validateSchema(doc) || doc.document.category !== 'csaf_withdrawn') { + return ctx + } + + const withdrawalInDocLang = getTranslationInDocumentLang( + doc, + 'reasoning_for_withdrawal' + ) + if (!withdrawalInDocLang) { + ctx.warnings.push({ + instancePath: '/document/notes', + message: + 'no language specific translation for "Reasoning for Withdrawal" has been recorded', + }) + return ctx + } + + if (isLangSpecifiedAndNotEnglish(doc.document.lang)) { + const notes = doc.document.notes + if ( + !notes || + !containsOneNoteWithTitleAndCategory( + notes, + withdrawalInDocLang, + 'description' + ) + ) { + ctx.warnings.push({ + instancePath: '/document/notes', + message: + `for document category "csaf_withdrawn" exactly one note must exist ` + + `with note category "${noteCategory}" and title "${withdrawalInDocLang}`, + }) + } + } + + return ctx +} diff --git a/lib/language_specific_translation/translations.js b/lib/language_specific_translation/translations.js new file mode 100644 index 00000000..a9446592 --- /dev/null +++ b/lib/language_specific_translation/translations.js @@ -0,0 +1,17 @@ +/** + * JavaScript version of JSON file: csaf_2.1/language_specific_translation/translations.json + */ +export default { + $schema: + 'https://raw.githubusercontent.com/oasis-tcs/csaf/master/csaf_2.1/test/language_specific_translation/translations_json_schema.json', + translation_version: '2.1', + translation: { + de: { + license: 'Lizenz', + product_description: 'Produktbeschreibung', + reasoning_for_supersession: 'Begründung für die Ersetzung', + reasoning_for_withdrawal: 'Begründung für die Zurückziehung', + superseding_document: 'Ersetzendes Dokument', + }, + }, +} diff --git a/tests/csaf_2_1/oasis.js b/tests/csaf_2_1/oasis.js index 0e9d2e60..786cf46c 100644 --- a/tests/csaf_2_1/oasis.js +++ b/tests/csaf_2_1/oasis.js @@ -48,7 +48,6 @@ const excluded = [ '6.2.36', '6.2.37', '6.2.39.1', - '6.2.39.2', '6.2.39.3', '6.2.39.4', '6.2.40', diff --git a/tests/csaf_2_1/recommendedTest_6_2_39_2.js b/tests/csaf_2_1/recommendedTest_6_2_39_2.js new file mode 100644 index 00000000..564e6fd4 --- /dev/null +++ b/tests/csaf_2_1/recommendedTest_6_2_39_2.js @@ -0,0 +1,39 @@ +import { + getTranslationInDocumentLang, + recommendedTest_6_2_39_2, +} from '../../csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js' +import { expect } from 'chai' +import assert from 'node:assert' + +describe('recommendedTest_6_2_39_2', function () { + it('only runs on relevant documents', function () { + assert.equal(recommendedTest_6_2_39_2({}).warnings.length, 0) + }) + + it('only runs on valid language', function () { + assert.equal( + recommendedTest_6_2_39_2({ + document: { lang: '123', license_expression: 'MIT' }, + }).warnings.length, + 0 + ) + }) + + it('check get ReasoningForWithdrawal in document lang', function () { + expect( + getTranslationInDocumentLang( + { document: { lang: 'de' } }, + 'reasoning_for_withdrawal' + ) + ).to.eq('Begründung für die Zurückziehung') + expect( + getTranslationInDocumentLang( + { document: { lang: 'es' } }, + 'reasoning_for_withdrawal' + ) + ).to.eq(undefined) + expect( + getTranslationInDocumentLang({ document: {} }, 'reasoning_for_withdrawal') + ).to.eq(undefined) + }) +}) From bb61358c1ef829e93d60e78892bf3d66b03022b1 Mon Sep 17 00:00:00 2001 From: rschneider <97682836+rainer-exxcellent@users.noreply.github.com> Date: Mon, 14 Jul 2025 13:11:05 +0200 Subject: [PATCH 2/5] feat(CSAF2.1): #401 add mandatory test 6.2.39.2 - move common functions to an own file --- .../recommendedTest_6_2_39_2.js | 56 ++----------------- lib/shared/languageSpecificTranslation.js | 54 ++++++++++++++++++ tests/csaf_2_1/recommendedTest_6_2_39_2.js | 6 +- 3 files changed, 61 insertions(+), 55 deletions(-) create mode 100644 lib/shared/languageSpecificTranslation.js diff --git a/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js b/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js index d471d861..73d3f79f 100644 --- a/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js +++ b/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js @@ -1,6 +1,9 @@ import Ajv from 'ajv/dist/jtd.js' -import translations from '../../lib/language_specific_translation/translations.js' -import bcp47 from 'bcp47' +import { + containsOneNoteWithTitleAndCategory, + getTranslationInDocumentLang, + isLangSpecifiedAndNotEnglish, +} from '../../lib/shared/languageSpecificTranslation.js' const ajv = new Ajv() @@ -42,55 +45,6 @@ const inputSchema = /** @type {const} */ ({ const validateSchema = ajv.compile(inputSchema) -/** - * Checks if the document language is specified and not English - * - * @param {string | undefined} language - The language expression to check - * @returns {boolean} True if the language is valid, false otherwise - */ -export function isLangSpecifiedAndNotEnglish(language) { - return ( - !!language && !(bcp47.parse(language)?.langtag.language.language === 'en') - ) -} - -/** - * test whether exactly one item in document notes exists that has the given title. - * and the given category. - * @param {({} & { category?: string | undefined; title?: string | undefined; } & Record)[]} notes - * @param {string} titleToFind - * @param {string} category - * @returns {boolean} True if the language is valid, false otherwise - */ -function containsOneNoteWithTitleAndCategory(notes, titleToFind, category) { - return ( - notes.filter( - (note) => note.category === category && note.title === titleToFind - ).length === 1 - ) -} - -/** - * Get the language specific translation of the given i18nKey - * @param {{ document: { lang?: string; }; }} doc - * @param {string} i18nKey - * @return {string | undefined} - */ -export function getTranslationInDocumentLang(doc, i18nKey) { - if (!doc.document.lang) { - return undefined - } - const language = bcp47.parse(doc.document.lang)?.langtag.language.language - - /** @type {Record>}*/ - const translationByLang = translations.translation - if (!language || !translationByLang[language]) { - return undefined - } else { - return translationByLang[language][i18nKey] - } -} - /** * If the document language is specified but not English, and the license_expression contains license * identifiers or exceptions that are not listed in the SPDX license list or Aboutcode's "ScanCode LicenseDB", diff --git a/lib/shared/languageSpecificTranslation.js b/lib/shared/languageSpecificTranslation.js new file mode 100644 index 00000000..6082c04c --- /dev/null +++ b/lib/shared/languageSpecificTranslation.js @@ -0,0 +1,54 @@ +/** + * Checks if the document language is specified and not English + * + * @param {string | undefined} language - The language expression to check + * @returns {boolean} True if the language is valid, false otherwise + */ +export function isLangSpecifiedAndNotEnglish(language) { + return ( + !!language && !(bcp47.parse(language)?.langtag.language.language === 'en') + ) +} +import bcp47 from 'bcp47' +import translations from '../../lib/language_specific_translation/translations.js' + +/** + * test whether exactly one item in document notes exists that has the given title. + * and the given category. + * @param {({} & { category?: string | undefined; title?: string | undefined; } & Record)[]} notes + * @param {string} titleToFind + * @param {string} category + * @returns {boolean} True if the language is valid, false otherwise + */ +export function containsOneNoteWithTitleAndCategory( + notes, + titleToFind, + category +) { + return ( + notes.filter( + (note) => note.category === category && note.title === titleToFind + ).length === 1 + ) +} + +/** + * Get the language specific translation of the given i18nKey + * @param {{ document: { lang?: string; }; }} doc + * @param {string} i18nKey + * @return {string | undefined} + */ +export function getTranslationInDocumentLang(doc, i18nKey) { + if (!doc.document.lang) { + return undefined + } + const language = bcp47.parse(doc.document.lang)?.langtag.language.language + + /** @type {Record>}*/ + const translationByLang = translations.translation + if (!language || !translationByLang[language]) { + return undefined + } else { + return translationByLang[language][i18nKey] + } +} diff --git a/tests/csaf_2_1/recommendedTest_6_2_39_2.js b/tests/csaf_2_1/recommendedTest_6_2_39_2.js index 564e6fd4..52c54fc2 100644 --- a/tests/csaf_2_1/recommendedTest_6_2_39_2.js +++ b/tests/csaf_2_1/recommendedTest_6_2_39_2.js @@ -1,9 +1,7 @@ -import { - getTranslationInDocumentLang, - recommendedTest_6_2_39_2, -} from '../../csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js' +import { recommendedTest_6_2_39_2 } from '../../csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js' import { expect } from 'chai' import assert from 'node:assert' +import { getTranslationInDocumentLang } from '../../lib/shared/languageSpecificTranslation.js' describe('recommendedTest_6_2_39_2', function () { it('only runs on relevant documents', function () { From a52b009e17328d26977fe88a84ef7237e86f2dd8 Mon Sep 17 00:00:00 2001 From: rschneider <97682836+rainer-exxcellent@users.noreply.github.com> Date: Mon, 14 Jul 2025 13:41:12 +0200 Subject: [PATCH 3/5] feat(CSAF2.1): #401 add mandatory test 6.2.39.2 - changed comment --- csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js b/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js index 73d3f79f..d861ccde 100644 --- a/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js +++ b/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js @@ -46,12 +46,10 @@ const inputSchema = /** @type {const} */ ({ const validateSchema = ajv.compile(inputSchema) /** - * If the document language is specified but not English, and the license_expression contains license - * identifiers or exceptions that are not listed in the SPDX license list or Aboutcode's "ScanCode LicenseDB", - * it MUST be tested that exactly one item in document notes exists that has the language specific translation - * of the term License as title. The category of this item MUST be legal_disclaimer. - * If no language-specific translation has been recorded, the test MUST be skipped - * and output information to the user that no such translation is known. + * If the document language is specified but not English, it MUST be tested that exactly one item in document + * notes exists that has the language specific translation of the term Reasoning for Withdrawal as title. + * The category of this item MUST be description. If no language-specific translation has been recorded, + * the test MUST be skipped and output an information to the user that no such translation is known. * * @param {unknown} doc */ From 1e4bb238fcffde5565ebffbc34d9dce8619acfdb Mon Sep 17 00:00:00 2001 From: rschneider <97682836+rainer-exxcellent@users.noreply.github.com> Date: Mon, 14 Jul 2025 15:02:02 +0200 Subject: [PATCH 4/5] feat(CSAF2.1): #401 add mandatory test 6.2.39.2 - use category constant --- csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js b/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js index d861ccde..11f4f2f5 100644 --- a/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js +++ b/csaf_2_1/recommendedTests/recommendedTest_6_2_39_2.js @@ -89,7 +89,7 @@ export function recommendedTest_6_2_39_2(doc) { !containsOneNoteWithTitleAndCategory( notes, withdrawalInDocLang, - 'description' + noteCategory ) ) { ctx.warnings.push({ From 06335841f6d4ae1922c2851bffe6902073a68e23 Mon Sep 17 00:00:00 2001 From: rschneider <97682836+rainer-exxcellent@users.noreply.github.com> Date: Mon, 14 Jul 2025 13:37:46 +0200 Subject: [PATCH 5/5] feat(CSAF2.1): #402 add mandatory test 6.2.39.3 --- README.md | 1 + csaf_2_1/recommendedTests.js | 1 + .../recommendedTest_6_2_39_3.js | 105 ++++++++++++++++++ tests/csaf_2_1/oasis.js | 1 - tests/csaf_2_1/recommendedTest_6_2_39_3.js | 40 +++++++ 5 files changed, 147 insertions(+), 1 deletion(-) create mode 100644 csaf_2_1/recommendedTests/recommendedTest_6_2_39_3.js create mode 100644 tests/csaf_2_1/recommendedTest_6_2_39_3.js diff --git a/README.md b/README.md index 94916d4a..a27d0629 100644 --- a/README.md +++ b/README.md @@ -462,6 +462,7 @@ export const recommendedTest_6_2_18: DocumentTest export const recommendedTest_6_2_22: DocumentTest export const recommendedTest_6_2_23: DocumentTest export const recommendedTest_6_2_39_2: DocumentTest +export const recommendedTest_6_2_39_3: DocumentTest ``` [(back to top)](#bsi-csaf-validator-lib) diff --git a/csaf_2_1/recommendedTests.js b/csaf_2_1/recommendedTests.js index 10e165de..6623f4bc 100644 --- a/csaf_2_1/recommendedTests.js +++ b/csaf_2_1/recommendedTests.js @@ -33,3 +33,4 @@ export { recommendedTest_6_2_28 } from './recommendedTests/recommendedTest_6_2_2 export { recommendedTest_6_2_29 } from './recommendedTests/recommendedTest_6_2_29.js' export { recommendedTest_6_2_38 } from './recommendedTests/recommendedTest_6_2_38.js' export { recommendedTest_6_2_39_2 } from './recommendedTests/recommendedTest_6_2_39_2.js' +export { recommendedTest_6_2_39_3 } from './recommendedTests/recommendedTest_6_2_39_3.js' diff --git a/csaf_2_1/recommendedTests/recommendedTest_6_2_39_3.js b/csaf_2_1/recommendedTests/recommendedTest_6_2_39_3.js new file mode 100644 index 00000000..3b1785f9 --- /dev/null +++ b/csaf_2_1/recommendedTests/recommendedTest_6_2_39_3.js @@ -0,0 +1,105 @@ +import Ajv from 'ajv/dist/jtd.js' +import { + containsOneNoteWithTitleAndCategory, + getTranslationInDocumentLang, + isLangSpecifiedAndNotEnglish, +} from '../../lib/shared/languageSpecificTranslation.js' + +const ajv = new Ajv() + +/* + This is the jtd schema that needs to match the input document so that the + test is activated. If this schema doesn't match it normally means that the input + document does not validate against the csaf json schema or optional fields that + the test checks are not present. + */ +const inputSchema = /** @type {const} */ ({ + additionalProperties: true, + properties: { + document: { + additionalProperties: true, + properties: { + category: { type: 'string' }, + }, + optionalProperties: { + lang: { + type: 'string', + }, + notes: { + elements: { + additionalProperties: true, + optionalProperties: { + category: { + type: 'string', + }, + title: { + type: 'string', + }, + }, + }, + }, + }, + }, + }, +}) + +const validateSchema = ajv.compile(inputSchema) + +/** + * If the document language is specified but not English, it MUST be tested that exactly one item + * in document notes exists that has the language specific translation of the term Reasoning for Supersession as title, + * The category of this item MUST be description. If no language specific translation has been recorded, + * the test MUST be skipped and output an information to the user that no such translation is known. + * + * @param {unknown} doc + */ +export function recommendedTest_6_2_39_3(doc) { + /* + The `ctx` variable holds the state that is accumulated during the test run and is + finally returned by the function. + */ + const ctx = { + warnings: + /** @type {Array<{ instancePath: string; message: string }>} */ ([]), + } + + const noteCategory = 'description' + + if (!validateSchema(doc) || doc.document.category !== 'csaf_superseded') { + return ctx + } + + const supersessionInDocLang = getTranslationInDocumentLang( + doc, + 'reasoning_for_supersession' + ) + if (!supersessionInDocLang) { + ctx.warnings.push({ + instancePath: '/document/notes', + message: + 'no language specific translation for "Reasoning for Supersession" has been recorded', + }) + return ctx + } + + if (isLangSpecifiedAndNotEnglish(doc.document.lang)) { + const notes = doc.document.notes + if ( + !notes || + !containsOneNoteWithTitleAndCategory( + notes, + supersessionInDocLang, + noteCategory + ) + ) { + ctx.warnings.push({ + instancePath: '/document/notes', + message: + `for document category "csaf_withdrawn" exactly one note must exist ` + + `with note category "${noteCategory}" and title "${supersessionInDocLang}`, + }) + } + } + + return ctx +} diff --git a/tests/csaf_2_1/oasis.js b/tests/csaf_2_1/oasis.js index 786cf46c..4100cb7e 100644 --- a/tests/csaf_2_1/oasis.js +++ b/tests/csaf_2_1/oasis.js @@ -48,7 +48,6 @@ const excluded = [ '6.2.36', '6.2.37', '6.2.39.1', - '6.2.39.3', '6.2.39.4', '6.2.40', '6.2.41', diff --git a/tests/csaf_2_1/recommendedTest_6_2_39_3.js b/tests/csaf_2_1/recommendedTest_6_2_39_3.js new file mode 100644 index 00000000..b8d234cc --- /dev/null +++ b/tests/csaf_2_1/recommendedTest_6_2_39_3.js @@ -0,0 +1,40 @@ +import { recommendedTest_6_2_39_3 } from '../../csaf_2_1/recommendedTests/recommendedTest_6_2_39_3.js' +import { expect } from 'chai' +import assert from 'node:assert' +import { getTranslationInDocumentLang } from '../../lib/shared/languageSpecificTranslation.js' + +describe('recommendedTest_6_2_39_3', function () { + it('only runs on relevant documents', function () { + assert.equal(recommendedTest_6_2_39_3({}).warnings.length, 0) + }) + + it('only runs on valid language', function () { + assert.equal( + recommendedTest_6_2_39_3({ + document: { lang: '123', license_expression: 'MIT' }, + }).warnings.length, + 0 + ) + }) + + it('check get ReasoningForWithdrawal in document lang', function () { + expect( + getTranslationInDocumentLang( + { document: { lang: 'de' } }, + 'reasoning_for_supersession' + ) + ).to.eq('Begründung für die Ersetzung') + expect( + getTranslationInDocumentLang( + { document: { lang: 'jp' } }, + 'reasoning_for_supersession' + ) + ).to.eq(undefined) + expect( + getTranslationInDocumentLang( + { document: {} }, + 'reasoning_for_supersession' + ) + ).to.eq(undefined) + }) +})