From 52b37d91a1669ac85efdff25357710649c889b65 Mon Sep 17 00:00:00 2001 From: Jamie Magee Date: Wed, 20 Mar 2024 21:29:47 -0700 Subject: [PATCH] Move `schema.json` from `validation` to `docs` This allows the JSON schema to be published alongside the rest of the documentation to GitHub pages. The schema will be available at https://ossf.github.io/osv-schema/schema.json. Also created a symlink to the previous repository location of `validation/schema.json` in case anyone is already using that in a `$schema` property Closes #226 Signed-off-by: Jamie Magee --- docs/schema.json | 313 ++++++++++++++++++++++++++++++++++++++++ validation/schema.json | 314 +---------------------------------------- 2 files changed, 314 insertions(+), 313 deletions(-) create mode 100644 docs/schema.json mode change 100644 => 120000 validation/schema.json diff --git a/docs/schema.json b/docs/schema.json new file mode 100644 index 00000000..6c2bc0d6 --- /dev/null +++ b/docs/schema.json @@ -0,0 +1,313 @@ +{ + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://raw.githubusercontent.com/ossf/osv-schema/main/validation/schema.json", + "title": "Open Source Vulnerability", + "description": "A schema for describing a vulnerability in an open source package.", + "type": "object", + "properties": { + "schema_version": { + "type": "string" + }, + "id": { + "type": "string" + }, + "modified": { + "$ref": "#/$defs/timestamp" + }, + "published": { + "$ref": "#/$defs/timestamp" + }, + "withdrawn": { + "$ref": "#/$defs/timestamp" + }, + "aliases": { + "type": ["array", "null"], + "items": { + "type": "string" + } + }, + "related": { + "type": "array", + "items": { + "type": "string" + } + }, + "summary": { + "type": "string" + }, + "details": { + "type": "string" + }, + "severity": { + "$ref": "#/$defs/severity" + }, + "affected": { + "type": ["array", "null"], + "items": { + "type": "object", + "properties": { + "package": { + "type": "object", + "properties": { + "ecosystem": { + "type": "string" + }, + "name": { + "type": "string" + }, + "purl": { + "type": "string" + } + }, + "required": [ + "ecosystem", + "name" + ] + }, + "severity": { + "$ref": "#/$defs/severity" + }, + "ranges": { + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "GIT", + "SEMVER", + "ECOSYSTEM" + ] + }, + "repo": { + "type": "string" + }, + "events": { + "type": "array", + "contains": { + "required": [ + "introduced" + ] + }, + "items": { + "type": "object", + "oneOf": [ + { + "type": "object", + "properties": { + "introduced": { + "type": "string" + } + }, + "required": [ + "introduced" + ] + }, + { + "type": "object", + "properties": { + "fixed": { + "type": "string" + } + }, + "required": [ + "fixed" + ] + }, + { + "type": "object", + "properties": { + "last_affected": { + "type": "string" + } + }, + "required": [ + "last_affected" + ] + }, + { + "type": "object", + "properties": { + "limit": { + "type": "string" + } + }, + "required": [ + "limit" + ] + } + ] + }, + "minItems": 1 + }, + "database_specific": { + "type": "object" + } + }, + "allOf": [ + { + "if": { + "properties": { + "type": { + "const": "GIT" + } + } + }, + "then": { + "required": [ + "repo" + ] + } + }, + { + "if": { + "properties": { + "events": { + "contains": { + "required": ["last_affected"] + } + } + } + }, + "then": { + "not": { + "properties": { + "events": { + "contains": { + "required": ["fixed"] + } + } + } + } + } + } + ], + "required": [ + "type", + "events" + ] + } + }, + "versions": { + "type": "array", + "items": { + "type": "string" + } + }, + "ecosystem_specific": { + "type": "object" + }, + "database_specific": { + "type": "object" + } + } + } + }, + "references": { + "type": ["array", "null"], + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ADVISORY", + "ARTICLE", + "DETECTION", + "DISCUSSION", + "REPORT", + "FIX", + "INTRODUCED", + "GIT", + "PACKAGE", + "EVIDENCE", + "WEB" + ] + }, + "url": { + "type": "string", + "format": "uri" + } + }, + "required": [ + "type", + "url" + ] + } + }, + "credits": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "contact": { + "type": "array", + "items": { + "type": "string" + } + }, + "type": { + "type": "string", + "enum": [ + "FINDER", + "REPORTER", + "ANALYST", + "COORDINATOR", + "REMEDIATION_DEVELOPER", + "REMEDIATION_REVIEWER", + "REMEDIATION_VERIFIER", + "TOOL", + "SPONSOR", + "OTHER" + ] + } + }, + "required": [ + "name" + ] + } + }, + "database_specific": { + "type": "object" + } + }, + "required": [ + "id", + "modified" + ], + "$defs": { + "severity": { + "type": ["array", "null"], + "items": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "CVSS_V2", + "CVSS_V3", + "CVSS_V4" + ] + }, + "score": { + "type": "string" + } + }, + "required": [ + "type", + "score" + ] + } + }, + "timestamp": { + "type": "string", + "format": "date-time", + "pattern": "[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}(\\.[0-9]+)?Z" + } + }, + "additionalProperties": false +} diff --git a/validation/schema.json b/validation/schema.json deleted file mode 100644 index 6c2bc0d6..00000000 --- a/validation/schema.json +++ /dev/null @@ -1,313 +0,0 @@ -{ - "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "https://raw.githubusercontent.com/ossf/osv-schema/main/validation/schema.json", - "title": "Open Source Vulnerability", - "description": "A schema for describing a vulnerability in an open source package.", - "type": "object", - "properties": { - "schema_version": { - "type": "string" - }, - "id": { - "type": "string" - }, - "modified": { - "$ref": "#/$defs/timestamp" - }, - "published": { - "$ref": "#/$defs/timestamp" - }, - "withdrawn": { - "$ref": "#/$defs/timestamp" - }, - "aliases": { - "type": ["array", "null"], - "items": { - "type": "string" - } - }, - "related": { - "type": "array", - "items": { - "type": "string" - } - }, - "summary": { - "type": "string" - }, - "details": { - "type": "string" - }, - "severity": { - "$ref": "#/$defs/severity" - }, - "affected": { - "type": ["array", "null"], - "items": { - "type": "object", - "properties": { - "package": { - "type": "object", - "properties": { - "ecosystem": { - "type": "string" - }, - "name": { - "type": "string" - }, - "purl": { - "type": "string" - } - }, - "required": [ - "ecosystem", - "name" - ] - }, - "severity": { - "$ref": "#/$defs/severity" - }, - "ranges": { - "type": "array", - "items": { - "type": "object", - "properties": { - "type": { - "type": "string", - "enum": [ - "GIT", - "SEMVER", - "ECOSYSTEM" - ] - }, - "repo": { - "type": "string" - }, - "events": { - "type": "array", - "contains": { - "required": [ - "introduced" - ] - }, - "items": { - "type": "object", - "oneOf": [ - { - "type": "object", - "properties": { - "introduced": { - "type": "string" - } - }, - "required": [ - "introduced" - ] - }, - { - "type": "object", - "properties": { - "fixed": { - "type": "string" - } - }, - "required": [ - "fixed" - ] - }, - { - "type": "object", - "properties": { - "last_affected": { - "type": "string" - } - }, - "required": [ - "last_affected" - ] - }, - { - "type": "object", - "properties": { - "limit": { - "type": "string" - } - }, - "required": [ - "limit" - ] - } - ] - }, - "minItems": 1 - }, - "database_specific": { - "type": "object" - } - }, - "allOf": [ - { - "if": { - "properties": { - "type": { - "const": "GIT" - } - } - }, - "then": { - "required": [ - "repo" - ] - } - }, - { - "if": { - "properties": { - "events": { - "contains": { - "required": ["last_affected"] - } - } - } - }, - "then": { - "not": { - "properties": { - "events": { - "contains": { - "required": ["fixed"] - } - } - } - } - } - } - ], - "required": [ - "type", - "events" - ] - } - }, - "versions": { - "type": "array", - "items": { - "type": "string" - } - }, - "ecosystem_specific": { - "type": "object" - }, - "database_specific": { - "type": "object" - } - } - } - }, - "references": { - "type": ["array", "null"], - "items": { - "type": "object", - "properties": { - "type": { - "type": "string", - "enum": [ - "ADVISORY", - "ARTICLE", - "DETECTION", - "DISCUSSION", - "REPORT", - "FIX", - "INTRODUCED", - "GIT", - "PACKAGE", - "EVIDENCE", - "WEB" - ] - }, - "url": { - "type": "string", - "format": "uri" - } - }, - "required": [ - "type", - "url" - ] - } - }, - "credits": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string" - }, - "contact": { - "type": "array", - "items": { - "type": "string" - } - }, - "type": { - "type": "string", - "enum": [ - "FINDER", - "REPORTER", - "ANALYST", - "COORDINATOR", - "REMEDIATION_DEVELOPER", - "REMEDIATION_REVIEWER", - "REMEDIATION_VERIFIER", - "TOOL", - "SPONSOR", - "OTHER" - ] - } - }, - "required": [ - "name" - ] - } - }, - "database_specific": { - "type": "object" - } - }, - "required": [ - "id", - "modified" - ], - "$defs": { - "severity": { - "type": ["array", "null"], - "items": { - "type": "object", - "properties": { - "type": { - "type": "string", - "enum": [ - "CVSS_V2", - "CVSS_V3", - "CVSS_V4" - ] - }, - "score": { - "type": "string" - } - }, - "required": [ - "type", - "score" - ] - } - }, - "timestamp": { - "type": "string", - "format": "date-time", - "pattern": "[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}(\\.[0-9]+)?Z" - } - }, - "additionalProperties": false -} diff --git a/validation/schema.json b/validation/schema.json new file mode 120000 index 00000000..4bd875be --- /dev/null +++ b/validation/schema.json @@ -0,0 +1 @@ +schema.json \ No newline at end of file