Usage Examples

Using the Service Script csaf-lint

Assuming there is a valid CSAF v2.0 file inside in the current directory with the name valid_csaf_v_2_0.json validation works like this:

$ csaf-lint valid_csaf_v_2_0.json
2021-03-24 20:08:55 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'

resulting in no output at all and a return code of 0 for success.

Another way to obtain the same result is to provide the document per standard input like:

$ csaf-lint < valid_csaf_v_2_0.json
2021-03-24 20:08:57 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'

Using the Python Module csaf_lint

Again, assuming there is a valid CSAF v2.0 file inside in the current directory with the name valid_csaf_v_2_0.json validation works like this (note the underscore instead of the dash separating the words csaf and lint):

$ python -m csaf_lint valid_csaf_v_2_0.json
2021-03-24 20:08:58 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'

resulting in no output at all and a return code of 0 for success.

Another way to obtain the same result is to provide the document per standard input like:

$ python -m csaf_lint < valid_csaf_v_2_0.json
2021-03-24 20:08:59 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'

Also in this install mode (as with pipx) you can call the application csaf-lint.

Using the docker image shagen/csaf-lint

For now cf. hub.docker.com as shagen/csaf-lint to obtain insatll and initial usage instructions for the docker image.

Inside a Repository Checkout

Using the Module

Executing the csaf_lint module (first two executions succeed, third fails):

$ python -m csaf_lint tests/fixtures/csaf-2.0/baseline/spam/01.json
2021-03-24 19:20:50 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'
$ python -m csaf_lint tests/fixtures/cvrf-no-version-given/is_wun_two.xml
2021-03-24 19:21:15 INFO [csaf-lint]: Validation(XML): code=0, message='OK'
$ python -m csaf_lint examples/empty_object.json 2>&1 | grep -i validat| head -1
2021-03-24 19:22:05 ERROR [csaf-lint]: err.message="'document' is a required property" [err.validator='required'] err.relative_path=deque([])

Switching between editor versions is supported by explicitly stating
the path for the schema like for the 2021.03.19 editor version:

$ export SCHEMA="csaf_lint/schema/csaf/2021.03.19/csaf.json"
$ python -m csaf_lint $SCHEMA validate_me_as_csaf.json
2021-03-24 19:51:30 INFO [csaf-lint]: Validation(JSON): code=0, message='OK'

Executing the Tests

Executing the tests per pytest:

$ pytest
============================= test session starts =========================
platform ...
rootdir: ...fluffy-funicular, configfile: pyproject.toml
plugins: ...
collected 21 items

tests/test_cli.py .....                                              [ 23%]
tests/test_lint.py ................                                  [100%]

============================= 21 passed in 32.26s =========================

For intermediate local development feedback (exclude the slow tests and
report in a terse manner) excluding the complete corpus tests:

$ PYTEST_ADDOPTS="-q -m 'not slow'" pytest
...................                                                  [100%]
19 passed, 2 deselected in 10.02s

Executing Code Quality Analysis

Running prospector:

$ prospector
Check Information
=================
         Started: ...
        Finished: ...
      Time Taken: 2.32 seconds
       Formatter: grouped
        Profiles: default, no_doc_warnings, no_test_warnings, ...
      Strictness: None
  Libraries Used:
       Tools Run: dodgy, mccabe, pep8, profile-validator, pyflakes, pylint
  Messages Found: 0

Running mypy:

$ mypy csaf_lint
Success: no issues found in 4 source files