Usage Examples

Using the Service Script `csaf-lint`

Assuming there is a valid CSAF v2.0 file inside in the current directory with the name valid_csaf_v_2_0.json validation works like this:


$ csaf-lint valid_csaf_v_2_0.json
2021-03-24 20:08:55 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'

resulting in no output at all and a return code of 0 for success.

Another way to obtain the same result is to provide the document per standard input like:


$ csaf-lint < valid_csaf_v_2_0.json
2021-03-24 20:08:57 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'

Using the Python Module `csaf_lint`

Again, assuming there is a valid CSAF v2.0 file inside in the current directory with the name valid_csaf_v_2_0.json validation works like this (note the underscore instead of the dash separating the words csaf and lint):


$ python -m csaf_lint valid_csaf_v_2_0.json
2021-03-24 20:08:58 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'

resulting in no output at all and a return code of 0 for success.

Another way to obtain the same result is to provide the document per standard input like:


$ python -m csaf_lint < valid_csaf_v_2_0.json
2021-03-24 20:08:59 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'

Also in this install mode (as with pipx) you can call the application csaf-lint.

Using the `docker` image `shagen/csaf-lint`

For now cf. hub.docker.com as shagen/csaf-lint to obtain insatll and initial usage instructions for the docker image.

Inside a Repository Checkout

Using the Module

Executing the csaf_lint module (first two executions succeed, third fails):


$ python -m csaf_lint tests/fixtures/csaf-2.0/baseline/spam/01.json
2021-03-24 19:20:50 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'
$ python -m csaf_lint tests/fixtures/cvrf-no-version-given/is_wun_two.xml
2021-03-24 19:21:15 INFO [csaf-lint]: Validation(XML): code=0, message='OK'
$ python -m csaf_lint examples/empty_object.json 2>&1 | grep -i validat| head -1
2021-03-24 19:22:05 ERROR [csaf-lint]: err.message="'document' is a required property" [err.validator='required'] err.relative_path=deque([])

Switching between editor versions is supported by explicitly stating
the path for the schema like for the 2021.03.19 editor version:


$ export SCHEMA="csaf_lint/schema/csaf/2021.03.19/csaf.json"
$ python -m csaf_lint $SCHEMA validate_me_as_csaf.json
2021-03-24 19:51:30 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'

Executing the Tests

Executing the tests per pytest:


$ pytest
============================= test session starts =========================
platform ...
rootdir: ...fluffy-funicular, configfile: pyproject.toml
plugins: ...
collected 21 items

tests/test_cli.py .....                                              [ 23%]
tests/test_lint.py ................                                  [100%]

============================= 21 passed in 32.26s =========================

For intermediate local development feedback (exclude the slow tests and
report in a terse manner) excluding the complete corpus tests:


$ PYTEST_ADDOPTS="-q -m 'not slow'" pytest
...................                                                  [100%]
19 passed, 2 deselected in 10.02s

Executing Code Quality Analysis

Running prospector:


$ prospector
Check Information
=================
         Started: ...
        Finished: ...
      Time Taken: 2.32 seconds
       Formatter: grouped
        Profiles: default, no_doc_warnings, no_test_warnings, ...
      Strictness: None
  Libraries Used:
       Tools Run: dodgy, mccabe, pep8, profile-validator, pyflakes, pylint
  Messages Found: 0

Running mypy:


$ mypy csaf_lint
Success: no issues found in 4 source files

Csaf-lint