Dear CSAF Community,
I'm puzzled about a specific CSAF test once again.
This time it is the JSON test file found at https://github.com/oasis-tcs/csaf/blob/master/csaf_2.1/test/validator/data/mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-13-02.json I can't see why this is supposed to be a negative test. The PURL "pkg:oci/com.example/product-A@sha256%3Add134261219b2" looks OK to me. What am I missing here?
Also created a GH issue here: https://github.com/oasis-tcs/csaf/issues/1057
Kind regards
Michael
-- Michael Lux, M.Sc. Department Service & Application Security Fraunhofer Institute for Applied and Integrated Security AISEC Lichtenbergstraße 11, 85748 Garching near Munich, Germany Tel. +49 89 32299 86 151 michael.lux@aisec.fraunhofer.de http://www.aisec.fraunhofer.de http://twitter.com/FraunhoferAISEC
OASIS Open400 TradeCenter, Suite 5900Woburn, MA 01801USA
Phone+1 781 425 5073
Get Involved
Join an Open Project
Join a Technical Committee
About UsPrivacy