feat: add mandatory test 6.1.36 #216
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Coverage after merging 197-csaf-2.1-mandatory-test-6.1.36 into 196-csaf-2.1-exclude-unimplemented-tests-from-test-suite
Coverage Report
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Base automatically changed from
196-csaf-2.1-exclude-unimplemented-tests-from-test-suite
to
196-csaf-2.1
February 27, 2025 09:44
|
I'll review after #220 is merged |
rainer-exxcellent
requested changes
Mar 3, 2025
domachine
force-pushed
the
197-csaf-2.1-mandatory-test-6.1.36
branch
2 times, most recently
from
8394eb7 to
eb7c402
Compare
domachine
force-pushed
the
197-csaf-2.1-mandatory-test-6.1.36
branch
from
eb7c402 to
1267a2f
Compare
|
Coverage after merging 197-csaf-2.1-mandatory-test-6.1.36 into 196-csaf-2.1
Coverage Report
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
domachine
force-pushed
the
197-csaf-2.1-mandatory-test-6.1.36
branch
from
1267a2f to
213be7e
Compare
|
Coverage after merging 197-csaf-2.1-mandatory-test-6.1.36 into 196-csaf-2.1
Coverage Report |
tschmidtb51
reviewed
Mar 10, 2025
| if (prohibitionRuleMap.get(category)?.has(productStatus)) { | ||
| ctx.errors.push({ | ||
| instancePath: `/vulnerabilities/${vulnerabilityIndex}/remediations/${remediationIndex}`, | ||
| message: `contradicting remediation product status combination for product id "${productId}": ${category}, ${productStatus}`, |
There was a problem hiding this comment.
Maybe, we can improve the error message?
Suggested change
| message: `contradicting remediation product status combination for product id "${productId}": ${category}, ${productStatus}`, | |
| message: `contradicting remediation product status combination for product id "${productId}": product status is ${productStatus} but remediation category is ${category}`, |
There was a problem hiding this comment.
@domachine I guess, I'm missing a response to this comment...
There was a problem hiding this comment.
What do you think about the suggested error message in https://github.com/secvisogram/csaf-validator-lib/pull/257/files#r2074269857? Please ensure that both follow the same pattern.
tschmidtb51
requested changes
Mar 10, 2025
Maybe this is a similar case: https://github.com/secvisogram/csaf-validator-lib/blob/main/lib/mandatoryTests/mandatoryTest_6_1_1.js#L62 |
tschmidtb51
reviewed
Apr 14, 2025
There was a problem hiding this comment.
Maybe this is a similar case: https://github.com/secvisogram/csaf-validator-lib/blob/main/lib/mandatoryTests/mandatoryTest_6_1_1.js#L62
Here we are using the product id.
I guess, it could be helpful to show it directly at that place... What do you think from an UI perspective?
| if (prohibitionRuleMap.get(category)?.has(productStatus)) { | ||
| ctx.errors.push({ | ||
| instancePath: `/vulnerabilities/${vulnerabilityIndex}/remediations/${remediationIndex}`, | ||
| message: `contradicting remediation product status combination for product id "${productId}": ${category}, ${productStatus}`, |
There was a problem hiding this comment.
@domachine I guess, I'm missing a response to this comment...
I'm not really sure if this would result in better UX. The are two major error sources (probably more). One case I see is that the user confused the product id. In this case it might be easier to spot if the error was right at the product id. The second case is that the remediation category or the product status is messed up. In that case it might be easier to spot and fix if the error was located at the product status or the remediation. Maybe the user can even memorize the product id (maybe it's some technical identifier) then it might be obvious what's wrong if she/he re-checks the remediation (which the error points to). Since the remediation and the product status are probably located side by side (in the same vulnerability) I think it's fine to point the user to the remediation. But it's probably also a matter of taste. Do you have any particular use-case in mind? |
domachine
force-pushed
the
197-csaf-2.1-mandatory-test-6.1.36
branch
from
213be7e to
e1b4533
Compare
|
Coverage after merging 197-csaf-2.1-mandatory-test-6.1.36 into 196-csaf-2.1
Coverage Report |
|
Let's discuss that again in our next meeting |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.