Add validation for OSV records #208


sethmlarson
Contributor

Closes #73

@di di merged commit 327b0c0 into pypa:main Nov 21, 2024
1 check passed
@di
Member

di commented Nov 21, 2024

I've made this a required check as well.

@andrewpollock

It'd be better to not rely on a forked copy of the OSV-Schema; it will continue to evolve over time.

@di
Member

di commented Nov 22, 2024

@andrewpollock You're suggesting we take it from here instead? https://github.com/ossf/osv-schema/blob/main/validation/schema.json

hooks:
- id: check-jsonschema
files: "^vulns/[a-z0-9_-]+/.+\\.yaml"
args: [--schemafile, "./.github/osv-schema.json"]
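
Review bot: the `files` pattern on the `check-jsonschema` hook is anchored only at the start, so it also matches paths such as `vulns/pkg/x.yaml.bak`, and it silently skips any record whose directory name contains characters outside `[a-z0-9_-]` or whose extension is `.yml`. Because unmatched files are simply never validated, consider ending the pattern with `\\.yaml$` and confirming that every advisory directory fits the character class. Separately, `--schemafile` points at a copy under `./.github/`, so the copy needs either a recorded upstream version and update step or a pinned upstream reference to keep it from drifting.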

@di if I'm understanding the implementation correctly, based on https://check-jsonschema.readthedocs.io/en/latest/usage.html#downloading-and-caching it can be invoked as
--schemafile https://raw.githubusercontent.com/ossf/osv-schema/main/validation/schema.json or --schemafile https://raw.githubusercontent.com/ossf/osv-schema/refs/tags/v1.6.7/validation/schema.json if you wanted to explicitly pin to a version

andrewpollock added a commit to google/osv.dev that referenced this pull request Dec 2, 2024
…#2943)

This enables strict mode in the OSV.dev staging environment for all
sources in staging that have been deemed to already be publishing 100% OSV
JSON Schema compliant records, with the notable exception of the RustSec
Advisory Database due to
rustsec/advisory-db#2135 and the inclusion of
PyPA despite pypa/advisory-database#217
(because of pypa/advisory-database#208)

Part of #2188

Successfully merging this pull request may close these issues.

Add some basic linting