diff --git a/backend/lib/app.js b/backend/lib/app.js
index f8fadd5..7b6d576 100644
--- a/backend/lib/app.js
+++ b/backend/lib/app.js
@@ -10,7 +10,7 @@ export default async function (fastify) {
openapi: {
info: {
title: 'CSAF Validator Service',
- version: '1.3.41',
+ version: '1.3.42',
description:
'This is a service to validate documents against the CSAF standard.',
contact: {
diff --git a/backend/package-lock.json b/backend/package-lock.json
index 8708f6f..b6b8bb0 100644
--- a/backend/package-lock.json
+++ b/backend/package-lock.json
@@ -145,15 +145,15 @@
"dev": true
},
"node_modules/@types/mocha": {
- "version": "10.0.9",
- "resolved": "https://registry.npmjs.org/@types/mocha/-/mocha-10.0.9.tgz",
- "integrity": "sha512-sicdRoWtYevwxjOHNMPTl3vSfJM6oyW8o1wXeI7uww6b6xHg8eBznQDNSGBCDJmsE8UMxP05JgZRtsKbTqt//Q==",
+ "version": "10.0.10",
+ "resolved": "https://registry.npmjs.org/@types/mocha/-/mocha-10.0.10.tgz",
+ "integrity": "sha512-xPyYSz1cMPnJQhl0CLMH68j3gprKZaTjG3s5Vi+fDgx+uhG9NOXwbVt52eFS8ECyXhyKcjDLCBEqBExKuiZb7Q==",
"dev": true
},
"node_modules/@types/node": {
- "version": "18.19.64",
- "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.64.tgz",
- "integrity": "sha512-955mDqvO2vFf/oL7V3WiUtiz+BugyX8uVbaT2H8oj3+8dRyH2FLiNdowe7eNqRM7IOIZvzDH76EoAT+gwm6aIQ==",
+ "version": "18.19.67",
+ "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.67.tgz",
+ "integrity": "sha512-wI8uHusga+0ZugNp0Ol/3BqQfEcCCNfojtO6Oou9iVNGPTL6QNSdnUdqq85fRgIorLhLMuPIKpsN98QE9Nh+KQ==",
"dev": true,
"dependencies": {
"undici-types": "~5.26.4"
@@ -1709,9 +1709,9 @@
}
},
"node_modules/yaml": {
- "version": "2.6.0",
- "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.6.0.tgz",
- "integrity": "sha512-a6ae//JvKDEra2kdi1qzCyrJW/WZCgFi8ydDV+eXExl95t+5R+ijnqHJbz9tmMh8FUjx3iv2fCQ4dclAQlO2UQ==",
+ "version": "2.6.1",
+ "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.6.1.tgz",
+ "integrity": "sha512-7r0XPzioN/Q9kXBro/XPnA6kznR73DHq+GXh5ON7ZozRO6aMjbmiBuKste2wslTFkC5d1dw0GooOCepZXJ2SAg==",
"bin": {
"yaml": "bin.mjs"
},
diff --git a/csaf-validator-lib/lib/mandatoryTests/mandatoryTest_6_1_13.js b/csaf-validator-lib/lib/mandatoryTests/mandatoryTest_6_1_13.js
index 2e6afb3..2f46a8d 100644
--- a/csaf-validator-lib/lib/mandatoryTests/mandatoryTest_6_1_13.js
+++ b/csaf-validator-lib/lib/mandatoryTests/mandatoryTest_6_1_13.js
@@ -16,11 +16,11 @@ export default function mandatoryTest_6_1_13(doc) {
/** @type {any} */ fullProductName,
/** @type {number} */ fullProductNameIndex
) => {
- checkProductIdentificationHelperPURL(fullProductName, () => {
+ checkProductIdentificationHelperPURL(fullProductName, (errorMessage) => {
isValid = false
errors.push({
instancePath: `/product_tree/full_product_names/${fullProductNameIndex}/product_identification_helper/purl`,
- message: `invalid purl`,
+ message: `invalid purl: ${errorMessage}`,
})
})
}
@@ -35,11 +35,11 @@ export default function mandatoryTest_6_1_13(doc) {
) => {
checkProductIdentificationHelperPURL(
relationship.full_product_name,
- () => {
+ (errorMessage) => {
isValid = false
errors.push({
instancePath: `/product_tree/relationships/${relationshipIndex}/full_product_name/product_identification_helper/purl`,
- message: `invalid purl`,
+ message: `invalid purl: ${errorMessage}`,
})
}
)
@@ -48,7 +48,7 @@ export default function mandatoryTest_6_1_13(doc) {
}
if (doc.product_tree) {
- checkBranchesForInvalidPURLs(doc.product_tree, ({ branchIndexes }) => {
+ checkBranchesForInvalidPURLs(doc.product_tree, ({ branchIndexes, errorMessage }) => {
isValid = false
const branchPathPart = branchIndexes.reduce(
(str, index) => `${str}/branches/${index}`,
@@ -56,7 +56,7 @@ export default function mandatoryTest_6_1_13(doc) {
)
errors.push({
instancePath: `${branchPathPart}/product/product_identification_helper/purl`,
- message: `invalid purl`,
+ message: `invalid purl: ${errorMessage}`,
})
})
}
@@ -67,7 +67,7 @@ export default function mandatoryTest_6_1_13(doc) {
/**
*
* @param {any} parent
- * @param {(error: { branchIndexes: number[] }) => void} onError
+ * @param {(error: { branchIndexes: number[], errorMessage: string }) => void} onError
* @param {number[]} [branchIndexes]
*/
const checkBranchesForInvalidPURLs = (parent, onError, branchIndexes = []) => {
@@ -76,9 +76,10 @@ const checkBranchesForInvalidPURLs = (parent, onError, branchIndexes = []) => {
(/** @type {any} */ branch, /** @type {number} */ branchIndex) => {
const currentBranchIndexes = branchIndexes.concat([branchIndex])
- checkProductIdentificationHelperPURL(branch.product, () => {
+ checkProductIdentificationHelperPURL(branch.product, (errorMessage) => {
onError({
branchIndexes: currentBranchIndexes,
+ errorMessage,
})
})
checkBranchesForInvalidPURLs(branch, onError, currentBranchIndexes)
@@ -89,7 +90,7 @@ const checkBranchesForInvalidPURLs = (parent, onError, branchIndexes = []) => {
/**
* @param {any} productALike
- * @param {() => void} onError
+ * @param {(errorMessage: string) => void} onError
* @returns
*/
const checkProductIdentificationHelperPURL = (productALike, onError) => {
@@ -98,6 +99,7 @@ const checkProductIdentificationHelperPURL = (productALike, onError) => {
try {
PackageURL.fromString(productALike?.product_identification_helper?.purl)
} catch (e) {
- onError()
+ const errorObject = /** @type {{message: string}} */ (e)
+ onError(errorObject?.message ?? "Unknown purl error")
}
}
diff --git a/csaf-validator-lib/package-lock.json b/csaf-validator-lib/package-lock.json
index 1aedb05..73c04aa 100644
--- a/csaf-validator-lib/package-lock.json
+++ b/csaf-validator-lib/package-lock.json
@@ -1,12 +1,12 @@
{
"name": "@secvisogram/csaf-validator-lib",
- "version": "1.3.40",
+ "version": "1.3.41",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "@secvisogram/csaf-validator-lib",
- "version": "1.3.40",
+ "version": "1.3.41",
"license": "MIT",
"dependencies": {
"@js-joda/core": "^5.6.1",
@@ -17,7 +17,7 @@
"cvss2js": "^1.1.0",
"json-pointer": "^0.6.1",
"lodash": "^4.17.21",
- "packageurl-js": "^1.1.1",
+ "packageurl-js": "^2.0.1",
"semver": "^7.5.4",
"undici": "^5.27.0"
},
@@ -124,15 +124,15 @@
"dev": true
},
"node_modules/@types/mocha": {
- "version": "10.0.9",
- "resolved": "https://registry.npmjs.org/@types/mocha/-/mocha-10.0.9.tgz",
- "integrity": "sha512-sicdRoWtYevwxjOHNMPTl3vSfJM6oyW8o1wXeI7uww6b6xHg8eBznQDNSGBCDJmsE8UMxP05JgZRtsKbTqt//Q==",
+ "version": "10.0.10",
+ "resolved": "https://registry.npmjs.org/@types/mocha/-/mocha-10.0.10.tgz",
+ "integrity": "sha512-xPyYSz1cMPnJQhl0CLMH68j3gprKZaTjG3s5Vi+fDgx+uhG9NOXwbVt52eFS8ECyXhyKcjDLCBEqBExKuiZb7Q==",
"dev": true
},
"node_modules/@types/node": {
- "version": "18.19.64",
- "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.64.tgz",
- "integrity": "sha512-955mDqvO2vFf/oL7V3WiUtiz+BugyX8uVbaT2H8oj3+8dRyH2FLiNdowe7eNqRM7IOIZvzDH76EoAT+gwm6aIQ==",
+ "version": "18.19.67",
+ "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.67.tgz",
+ "integrity": "sha512-wI8uHusga+0ZugNp0Ol/3BqQfEcCCNfojtO6Oou9iVNGPTL6QNSdnUdqq85fRgIorLhLMuPIKpsN98QE9Nh+KQ==",
"dev": true,
"dependencies": {
"undici-types": "~5.26.4"
@@ -457,9 +457,9 @@
"dev": true
},
"node_modules/cross-spawn": {
- "version": "7.0.5",
- "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.5.tgz",
- "integrity": "sha512-ZVJrKKYunU38/76t0RMOulHOnUcbU9GbpWKAOZ0mhjr7CX6FVrH+4FrAapSOekrgFQ3f/8gwMEuIft0aKq6Hug==",
+ "version": "7.0.6",
+ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
+ "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
"dev": true,
"dependencies": {
"path-key": "^3.1.0",
@@ -1082,9 +1082,9 @@
}
},
"node_modules/packageurl-js": {
- "version": "1.2.1",
- "resolved": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-1.2.1.tgz",
- "integrity": "sha512-cZ6/MzuXaoFd16/k0WnwtI298UCaDHe/XlSh85SeOKbGZ1hq0xvNbx3ILyCMyk7uFQxl6scF3Aucj6/EO9NwcA=="
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-2.0.1.tgz",
+ "integrity": "sha512-N5ixXjzTy4QDQH0Q9YFjqIWd6zH6936Djpl2m9QNFmDv5Fum8q8BjkpAcHNMzOFE0IwQrFhJWex3AN6kS0OSwg=="
},
"node_modules/path-exists": {
"version": "4.0.0",
diff --git a/csaf-validator-lib/package.json b/csaf-validator-lib/package.json
index c83eed8..116d39b 100644
--- a/csaf-validator-lib/package.json
+++ b/csaf-validator-lib/package.json
@@ -28,7 +28,7 @@
"cvss2js": "^1.1.0",
"json-pointer": "^0.6.1",
"lodash": "^4.17.21",
- "packageurl-js": "^1.1.1",
+ "packageurl-js": "^2.0.1",
"semver": "^7.5.4",
"undici": "^5.27.0"
},
@@ -48,5 +48,5 @@
"typescript": "^4.9.4",
"xml2js": "^0.5.0"
},
- "version": "1.3.40"
+ "version": "1.3.41"
}
diff --git a/documents/generated/asciidoc/index.adoc b/documents/generated/asciidoc/index.adoc
index bd37775..6894dd5 100644
--- a/documents/generated/asciidoc/index.adoc
+++ b/documents/generated/asciidoc/index.adoc
@@ -1,6 +1,6 @@
= CSAF Validator Service
secvisogram@bsi.bund.de
-1.3.41
+1.3.42
:toc: left
:numbered:
:toclevels: 4
diff --git a/documents/generated/html/index.html b/documents/generated/html/index.html
index d2f8ba1..c326c10 100644
--- a/documents/generated/html/index.html
+++ b/documents/generated/html/index.html
@@ -183,7 +183,7 @@ CSAF Validator Service
This is a service to validate documents against the CSAF standard.
- Version: 1.3.41
+ Version: 1.3.42
BasePath:
MIT
https://github.com/secvisogram/csaf-validator-service/blob/main/LICENSE
diff --git a/package-lock.json b/package-lock.json
index 4a24a57..e30bdbe 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
{
"name": "@secvisogram/csaf-validator-service",
- "version": "1.3.41",
+ "version": "1.3.42",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "@secvisogram/csaf-validator-service",
- "version": "1.3.41",
+ "version": "1.3.42",
"hasInstallScript": true,
"devDependencies": {
"husky": "^7.0.4",
@@ -651,9 +651,9 @@
"dev": true
},
"node_modules/typescript": {
- "version": "5.6.3",
- "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.6.3.tgz",
- "integrity": "sha512-hjcS1mhfuyi4WW8IWtjP7brDrG2cuDZukyrYrSauoXGNgx0S7zceP07adYkJycEr56BOUTNPzbInooiN3fn1qw==",
+ "version": "5.7.2",
+ "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.2.tgz",
+ "integrity": "sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==",
"dev": true,
"bin": {
"tsc": "bin/tsc",
diff --git a/package.json b/package.json
index 9133bc7..a6a17f7 100644
--- a/package.json
+++ b/package.json
@@ -32,5 +32,5 @@
"prettier": "^2.8.8",
"typescript": "^5.3.3"
},
- "version": "1.3.41"
+ "version": "1.3.42"
}