Coverage for turvallisuusneuvonta/csaf/core/rules/mandatory/acyclic_product_ids.py: 0.00%
3 statements
« prev ^ index » next coverage.py v7.6.9, created at 2024-12-18 20:29:38 +00:00
« prev ^ index » next coverage.py v7.6.9, created at 2024-12-18 20:29:38 +00:00
1"""6.1.3 Circular Definition of Product ID
3For each new defined Product ID (type /$defs/product_id_t) in items of relationships (/product_tree/relationships)
4it must be tested that the product_id does not end up in a cirle.
6The relevant path for this test is:
8 /product_tree/relationships[]/full_product_name/product_id
10As this can be quite complex a program for large CSAF documents, a program could check first whether a Product ID
11defined in a relationship item is used as product_reference or relates_to_product_reference.
12Only for those which fulfill this condition it is necessary to run the full check following the references.
14Example 42 which fails the test:
16 "product_tree": {
17 "full_product_names": [
18 {
19 "product_id": "CSAFPID-9080700",
20 "name": "Product A"
21 }
22 ],
23 "relationships": [
24 {
25 "category": "installed_on",
26 "full_product_name": {
27 "name": "Product B",
28 "product_id": "CSAFPID-9080701"
29 },
30 "product_reference": "CSAFPID-9080700",
31 "relates_to_product_reference": "CSAFPID-9080701"
32 }
33 ]
34 }
36CSAFPID-9080701 refers to itself - this is a circular definition.
37"""
39ID = (6, 1, 3)
40TOPIC = 'Circular Definition of Product ID'
42PATHS = ('/product_tree/relationships[]/full_product_name/product_id',)