NAME

CSAF::Validator::MandatoryTests

SYNOPSIS

    use CSAF::Validator::MandatoryTests;

    my $v = CSAF::Validator::MandatoryTests->new( csaf => $csaf );

    $v->exec_test('6.1.5');
    $v->TEST_6_1_5;

DESCRIPTION

Mandatory tests MUST NOT fail at a valid CSAF document.

    6.1.1 Missing Definition of Product ID
    6.1.2 Multiple Definition of Product ID
    6.1.3 Circular Definition of Product ID
    6.1.4 Missing Definition of Product Group ID
    6.1.5 Multiple Definition of Product Group ID
    6.1.6 Contradicting Product Status
    6.1.7 Multiple Scores with same Version per Product
    6.1.8 Invalid CVSS
    6.1.9 Invalid CVSS computation
    6.1.10 Inconsistent CVSS
    6.1.11 CWE
    6.1.12 Language
    6.1.13 PURL
    6.1.14 Sorted Revision History
    6.1.15 Translator
    6.1.16 Latest Document Version
    6.1.17 Document Status Draft
    6.1.18 Released Revision History
    6.1.19 Revision History Entries for Pre-release Versions
    6.1.20 Non-draft Document Version
    6.1.21 Missing Item in Revision History
    6.1.22 Multiple Definition in Revision History
    6.1.23 Multiple Use of Same CVE
    6.1.24 Multiple Definition in Involvements
    6.1.25 Multiple Use of Same Hash Algorithm
    6.1.26 Prohibited Document Category Name
    6.1.27 Profile Tests
        6.1.27.1 Document Notes
        6.1.27.2 Document References
        6.1.27.3 Vulnerabilities
        6.1.27.4 Product Tree
        6.1.27.5 Vulnerability Notes
        6.1.27.6 Product Status
        6.1.27.7 VEX Product Status
        6.1.27.8 Vulnerability ID
        6.1.27.9 Impact Statement
        6.1.27.10 Action Statement
        6.1.27.11 Vulnerabilities
    6.1.28 Translation
    6.1.29 Remediation without Product Reference
    6.1.30 Mixed Integer and Semantic Versioning
    6.1.31 Version Range in Product Version
    6.1.32 Flag without Product Reference
    6.1.33 Multiple Flags with VEX Justification Codes per Product

METHODS

CSAF::Validator::MandatoryTests inherits all methods from CSAF::Validator::Base and implements the following new ones.

TEST_6_1_1: Missing Definition of Product ID
TEST_6_1_2: Multiple Definition of Product ID
TEST_6_1_3: Circular Definition of Product ID
TEST_6_1_4: Missing Definition of Product Group ID
TEST_6_1_5: Multiple Definition of Product Group ID
TEST_6_1_6: Contradicting Product Status
TEST_6_1_7: Multiple Scores with same Version per Product
TEST_6_1_8: Invalid CVSS
TEST_6_1_9: Invalid CVSS computation
TEST_6_1_10: Inconsistent CVSS
TEST_6_1_11: CWE
TEST_6_1_12: Language
TEST_6_1_13: PURL
TEST_6_1_14: Sorted Revision History
TEST_6_1_15: Translator
TEST_6_1_16: Latest Document Version
TEST_6_1_17: Document Status Draft
TEST_6_1_18: Released Revision History
TEST_6_1_19: Revision History Entries for Pre-release Versions
TEST_6_1_20: Non-draft Document Version
TEST_6_1_21: Missing Item in Revision History
TEST_6_1_22: Multiple Definition in Revision History
TEST_6_1_23: Multiple Use of Same CVE
TEST_6_1_24: Multiple Definition in Involvements
TEST_6_1_25: Multiple Use of Same Hash Algorithm
TEST_6_1_26: Prohibited Document Category Name
TEST_6_1_27_1: Profile Test - Document Notes
TEST_6_1_27_2: Profile Test - Document References
TEST_6_1_27_3: Profile Test - Vulnerabilities
TEST_6_1_27_4: Profile Test - Product Tree
TEST_6_1_27_5: Profile Test - Vulnerability Notes
TEST_6_1_27_6: Profile Test - Product Status
TEST_6_1_27_7: Profile Test - VEX Product Status
TEST_6_1_27_8: Profile Test - Vulnerability ID
TEST_6_1_27_9: Profile Test - Impact Statement
TEST_6_1_27_10: Profile Test - Action Statement
TEST_6_1_27_11: Profile Test - Vulnerabilities
TEST_6_1_28: Translation
TEST_6_1_29: Remediation without Product Reference
TEST_6_1_30: Mixed Integer and Semantic Versioning
TEST_6_1_31: Version Range in Product Version
TEST_6_1_32: Flag without Product Reference
TEST_6_1_33: Multiple Flags with VEX Justification Codes per Product

SUPPORT

Bugs / Feature Requests

Please report any bugs or feature requests through the issue tracker at https://github.com/giterlizzi/perl-CSAF/issues. You will be notified automatically of any progress on your issue.

Source Code

This is open source software. The code repository is available for public review and contribution under the terms of the license.

https://github.com/giterlizzi/perl-CSAF

    git clone https://github.com/giterlizzi/perl-CSAF.git

AUTHOR

Giuseppe Di Terlizzi <gdt@cpan.org>

LICENSE AND COPYRIGHT

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

To install CSAF, copy and paste the appropriate command in to your terminal.

cpanm

cpanm CSAF

CPAN shell

perl -MCPAN -e shell
install CSAF

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)