-
Notifications
You must be signed in to change notification settings - Fork 40
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add CVSS 4.0 #688
Add CVSS 4.0 #688
Conversation
- addresses parts of oasis-tcs#652 - add CVSS v4 to JSON schema
- addresses parts of oasis-tcs#652 - add CVSS v4.0 to referenced schemas - add strict version of schema
- addresses parts of oasis-tcs#652 - adopt test scripts to include CVSS 4.0
- addresses parts of oasis-tcs#652 - add CVSS 4.0 to informative references - add CVSS 4.0 to construction principles
- addresses parts of oasis-tcs#652 - add CVSS 4.0 to `/vulnerabilities[]/scores[]`
- addresses parts of oasis-tcs#652, oasis-tcs#341 - add invalid example for 6.1.7 - add valid examples for 6.1.7
- addresses parts of oasis-tcs#341 - add invalid examples for 6.1.7 - add valid examples for 6.1.7
- addresses parts of oasis-tcs#652, oasis-tcs#341 - add missing CVSS 4.0 reference in validator test script
- addresses parts of oasis-tcs#652 - update the strict version to use `unevaluatedProperties` instead of `additionalProperties` which fails with `allOf`
- addresses parts of oasis-tcs#652 - use different vector to avoid `multiple` issue
- addresses parts of oasis-tcs#652 - address `multipleOf` issue by parsing floats as Decimal - add valid example to show correctness
- addresses parts of oasis-tcs#652 - add CVSS 4.0 to Appendix C regarding size
- addresses parts of oasis-tcs#652 - add CVRF-CSAF-conversion rule
- addresses parts of oasis-tcs#652, oasis-tcs#341 - add invalid example for 6.1.8 - add valid examples for 6.1.8 - update test 6.1.8
- addresses parts of oasis-tcs#652, oasis-tcs#341 - add invalid example for 6.1.9 - add valid examples for 6.1.9 - update test description 6.1.9
- addresses parts of oasis-tcs#652, oasis-tcs#341 - add invalid examples for 6.1.10 - add valid examples for 6.1.10 - update test description 6.1.10
- addresses parts of oasis-tcs#652, oasis-tcs#341 - add invalid examples for 6.2.19 - add valid examples for 6.2.19 - update test description 6.2.19
- addresses parts of oasis-tcs#652, oasis-tcs#341 - add invalid example for 6.3.1 - add valid example for 6.3.1 - update test description 6.3.1
- addresses parts of oasis-tcs#652 - add test 6.3.12 - add invalid examples for 6.3.12 - add valid examples for 6.3.12
- addresses parts of oasis-tcs#652, oasis-tcs#341 - add valid example for 6.1.9 to trigger `multipleOf` issue
- addresses parts of oasis-tcs#652 - correct wrong `/document/tracking/id`
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All 67 files look good to me. Thanks for the detailed and consistent set of changes, much appreciated.
@sthagen It looks like I can't build the artifacts right now:
What am I missing? |
d0638d9
into
oasis-tcs:editor-revision-2024-02-28
Either an error I creatively introduced or a dynamic instead of static lookup I forgot to enable. I will take a look, and fix it. Thanks for reporting. |
/vulnerabilities[]/scores[]
multipleOf
issue