diff --git a/csaf/schema/cvss-v2.0.json b/csaf/schema/cvss-v2.0.json new file mode 100644 index 0000000..efe9917 --- /dev/null +++ b/csaf/schema/cvss-v2.0.json @@ -0,0 +1,104 @@ +{ + "license": [ + "Copyright (c) 2017, FIRST.ORG, INC.", + "All rights reserved.", + "", + "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the ", + "following conditions are met:", + "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following ", + " disclaimer.", + "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the ", + " following disclaimer in the documentation and/or other materials provided with the distribution.", + "3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote ", + " products derived from this software without specific prior written permission.", + "", + "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, ", + "INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE ", + "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ", + "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR ", + "SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ", + "WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ", + "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." + ], + + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "JSON Schema for Common Vulnerability Scoring System version 2.0", + "id": "https://www.first.org/cvss/cvss-v2.0.json?20170531", + "type": "object", + "definitions": { + "accessVectorType": { + "type": "string", + "enum": [ "NETWORK", "ADJACENT_NETWORK", "LOCAL" ] + }, + "accessComplexityType": { + "type": "string", + "enum": [ "HIGH", "MEDIUM", "LOW" ] + }, + "authenticationType": { + "type": "string", + "enum": [ "MULTIPLE", "SINGLE", "NONE" ] + }, + "ciaType": { + "type": "string", + "enum": [ "NONE", "PARTIAL", "COMPLETE" ] + }, + "exploitabilityType": { + "type": "string", + "enum": [ "UNPROVEN", "PROOF_OF_CONCEPT", "FUNCTIONAL", "HIGH", "NOT_DEFINED" ] + }, + "remediationLevelType": { + "type": "string", + "enum": [ "OFFICIAL_FIX", "TEMPORARY_FIX", "WORKAROUND", "UNAVAILABLE", "NOT_DEFINED" ] + }, + "reportConfidenceType": { + "type": "string", + "enum": [ "UNCONFIRMED", "UNCORROBORATED", "CONFIRMED", "NOT_DEFINED" ] + }, + "collateralDamagePotentialType": { + "type": "string", + "enum": [ "NONE", "LOW", "LOW_MEDIUM", "MEDIUM_HIGH", "HIGH", "NOT_DEFINED" ] + }, + "targetDistributionType": { + "type": "string", + "enum": [ "NONE", "LOW", "MEDIUM", "HIGH", "NOT_DEFINED" ] + }, + "ciaRequirementType": { + "type": "string", + "enum": [ "LOW", "MEDIUM", "HIGH", "NOT_DEFINED" ] + }, + "scoreType": { + "type": "number", + "minimum": 0, + "maximum": 10 + } + }, + "properties": { + "version": { + "description": "CVSS Version", + "type": "string", + "enum": [ "2.0" ] + }, + "vectorString": { + "type": "string", + "pattern": "^((AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))/)*(AV:[NAL]|AC:[LMH]|Au:[MSN]|[CIA]:[NPC]|E:(U|POC|F|H|ND)|RL:(OF|TF|W|U|ND)|RC:(UC|UR|C|ND)|CDP:(N|L|LM|MH|H|ND)|TD:(N|L|M|H|ND)|[CIA]R:(L|M|H|ND))$" + }, + "accessVector": { "$ref": "#/definitions/accessVectorType" }, + "accessComplexity": { "$ref": "#/definitions/accessComplexityType" }, + "authentication": { "$ref": "#/definitions/authenticationType" }, + "confidentialityImpact": { "$ref": "#/definitions/ciaType" }, + "integrityImpact": { "$ref": "#/definitions/ciaType" }, + "availabilityImpact": { "$ref": "#/definitions/ciaType" }, + "baseScore": { "$ref": "#/definitions/scoreType" }, + "exploitability": { "$ref": "#/definitions/exploitabilityType" }, + "remediationLevel": { "$ref": "#/definitions/remediationLevelType" }, + "reportConfidence": { "$ref": "#/definitions/reportConfidenceType" }, + "temporalScore": { "$ref": "#/definitions/scoreType" }, + "collateralDamagePotential": { "$ref": "#/definitions/collateralDamagePotentialType" }, + "targetDistribution": { "$ref": "#/definitions/targetDistributionType" }, + "confidentialityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, + "integrityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, + "availabilityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, + "environmentalScore": { "$ref": "#/definitions/scoreType" } + }, + "required": [ "version", "vectorString", "baseScore" ] +} diff --git a/csaf/schema/cvss-v3.0.json b/csaf/schema/cvss-v3.0.json new file mode 100644 index 0000000..28b3c38 --- /dev/null +++ b/csaf/schema/cvss-v3.0.json @@ -0,0 +1,143 @@ +{ + "license": [ + "Copyright (c) 2017, FIRST.ORG, INC.", + "All rights reserved.", + "", + "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the ", + "following conditions are met:", + "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following ", + " disclaimer.", + "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the ", + " following disclaimer in the documentation and/or other materials provided with the distribution.", + "3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote ", + " products derived from this software without specific prior written permission.", + "", + "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, ", + "INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE ", + "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ", + "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR ", + "SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ", + "WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ", + "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." + ], + + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "JSON Schema for Common Vulnerability Scoring System version 3.0", + "id": "https://www.first.org/cvss/cvss-v3.0.json?20170531", + "type": "object", + "definitions": { + "attackVectorType": { + "type": "string", + "enum": [ "NETWORK", "ADJACENT_NETWORK", "LOCAL", "PHYSICAL" ] + }, + "modifiedAttackVectorType": { + "type": "string", + "enum": [ "NETWORK", "ADJACENT_NETWORK", "LOCAL", "PHYSICAL", "NOT_DEFINED" ] + }, + "attackComplexityType": { + "type": "string", + "enum": [ "HIGH", "LOW" ] + }, + "modifiedAttackComplexityType": { + "type": "string", + "enum": [ "HIGH", "LOW", "NOT_DEFINED" ] + }, + "privilegesRequiredType": { + "type": "string", + "enum": [ "HIGH", "LOW", "NONE" ] + }, + "modifiedPrivilegesRequiredType": { + "type": "string", + "enum": [ "HIGH", "LOW", "NONE", "NOT_DEFINED" ] + }, + "userInteractionType": { + "type": "string", + "enum": [ "NONE", "REQUIRED" ] + }, + "modifiedUserInteractionType": { + "type": "string", + "enum": [ "NONE", "REQUIRED", "NOT_DEFINED" ] + }, + "scopeType": { + "type": "string", + "enum": [ "UNCHANGED", "CHANGED" ] + }, + "modifiedScopeType": { + "type": "string", + "enum": [ "UNCHANGED", "CHANGED", "NOT_DEFINED" ] + }, + "ciaType": { + "type": "string", + "enum": [ "NONE", "LOW", "HIGH" ] + }, + "modifiedCiaType": { + "type": "string", + "enum": [ "NONE", "LOW", "HIGH", "NOT_DEFINED" ] + }, + "exploitCodeMaturityType": { + "type": "string", + "enum": [ "UNPROVEN", "PROOF_OF_CONCEPT", "FUNCTIONAL", "HIGH", "NOT_DEFINED" ] + }, + "remediationLevelType": { + "type": "string", + "enum": [ "OFFICIAL_FIX", "TEMPORARY_FIX", "WORKAROUND", "UNAVAILABLE", "NOT_DEFINED" ] + }, + "confidenceType": { + "type": "string", + "enum": [ "UNKNOWN", "REASONABLE", "CONFIRMED", "NOT_DEFINED" ] + }, + "ciaRequirementType": { + "type": "string", + "enum": [ "LOW", "MEDIUM", "HIGH", "NOT_DEFINED" ] + }, + "scoreType": { + "type": "number", + "minimum": 0, + "maximum": 10 + }, + "severityType": { + "type": "string", + "enum": [ "NONE", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] + } + }, + "properties": { + "version": { + "description": "CVSS Version", + "type": "string", + "enum": [ "3.0" ] + }, + "vectorString": { + "type": "string", + "pattern": "^CVSS:3[.]0/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$" + }, + "attackVector": { "$ref": "#/definitions/attackVectorType" }, + "attackComplexity": { "$ref": "#/definitions/attackComplexityType" }, + "privilegesRequired": { "$ref": "#/definitions/privilegesRequiredType" }, + "userInteraction": { "$ref": "#/definitions/userInteractionType" }, + "scope": { "$ref": "#/definitions/scopeType" }, + "confidentialityImpact": { "$ref": "#/definitions/ciaType" }, + "integrityImpact": { "$ref": "#/definitions/ciaType" }, + "availabilityImpact": { "$ref": "#/definitions/ciaType" }, + "baseScore": { "$ref": "#/definitions/scoreType" }, + "baseSeverity": { "$ref": "#/definitions/severityType" }, + "exploitCodeMaturity": { "$ref": "#/definitions/exploitCodeMaturityType" }, + "remediationLevel": { "$ref": "#/definitions/remediationLevelType" }, + "reportConfidence": { "$ref": "#/definitions/confidenceType" }, + "temporalScore": { "$ref": "#/definitions/scoreType" }, + "temporalSeverity": { "$ref": "#/definitions/severityType" }, + "confidentialityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, + "integrityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, + "availabilityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, + "modifiedAttackVector": { "$ref": "#/definitions/modifiedAttackVectorType" }, + "modifiedAttackComplexity": { "$ref": "#/definitions/modifiedAttackComplexityType" }, + "modifiedPrivilegesRequired": { "$ref": "#/definitions/modifiedPrivilegesRequiredType" }, + "modifiedUserInteraction": { "$ref": "#/definitions/modifiedUserInteractionType" }, + "modifiedScope": { "$ref": "#/definitions/modifiedScopeType" }, + "modifiedConfidentialityImpact": { "$ref": "#/definitions/modifiedCiaType" }, + "modifiedIntegrityImpact": { "$ref": "#/definitions/modifiedCiaType" }, + "modifiedAvailabilityImpact": { "$ref": "#/definitions/modifiedCiaType" }, + "environmentalScore": { "$ref": "#/definitions/scoreType" }, + "environmentalSeverity": { "$ref": "#/definitions/severityType" } + }, + "required": [ "version", "vectorString", "baseScore", "baseSeverity" ] +} diff --git a/csaf/schema/cvss-v3.1.json b/csaf/schema/cvss-v3.1.json new file mode 100644 index 0000000..0c2b2dd --- /dev/null +++ b/csaf/schema/cvss-v3.1.json @@ -0,0 +1,143 @@ +{ + "license": [ + "Copyright (c) 2021, FIRST.ORG, INC.", + "All rights reserved.", + "", + "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the ", + "following conditions are met:", + "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following ", + " disclaimer.", + "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the ", + " following disclaimer in the documentation and/or other materials provided with the distribution.", + "3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote ", + " products derived from this software without specific prior written permission.", + "", + "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, ", + "INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE ", + "DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, ", + "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR ", + "SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ", + "WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE ", + "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." + ], + + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "JSON Schema for Common Vulnerability Scoring System version 3.1", + "$id": "https://www.first.org/cvss/cvss-v3.1.json?20211103", + "type": "object", + "definitions": { + "attackVectorType": { + "type": "string", + "enum": [ "NETWORK", "ADJACENT_NETWORK", "LOCAL", "PHYSICAL" ] + }, + "modifiedAttackVectorType": { + "type": "string", + "enum": [ "NETWORK", "ADJACENT_NETWORK", "LOCAL", "PHYSICAL", "NOT_DEFINED" ] + }, + "attackComplexityType": { + "type": "string", + "enum": [ "HIGH", "LOW" ] + }, + "modifiedAttackComplexityType": { + "type": "string", + "enum": [ "HIGH", "LOW", "NOT_DEFINED" ] + }, + "privilegesRequiredType": { + "type": "string", + "enum": [ "HIGH", "LOW", "NONE" ] + }, + "modifiedPrivilegesRequiredType": { + "type": "string", + "enum": [ "HIGH", "LOW", "NONE", "NOT_DEFINED" ] + }, + "userInteractionType": { + "type": "string", + "enum": [ "NONE", "REQUIRED" ] + }, + "modifiedUserInteractionType": { + "type": "string", + "enum": [ "NONE", "REQUIRED", "NOT_DEFINED" ] + }, + "scopeType": { + "type": "string", + "enum": [ "UNCHANGED", "CHANGED" ] + }, + "modifiedScopeType": { + "type": "string", + "enum": [ "UNCHANGED", "CHANGED", "NOT_DEFINED" ] + }, + "ciaType": { + "type": "string", + "enum": [ "NONE", "LOW", "HIGH" ] + }, + "modifiedCiaType": { + "type": "string", + "enum": [ "NONE", "LOW", "HIGH", "NOT_DEFINED" ] + }, + "exploitCodeMaturityType": { + "type": "string", + "enum": [ "UNPROVEN", "PROOF_OF_CONCEPT", "FUNCTIONAL", "HIGH", "NOT_DEFINED" ] + }, + "remediationLevelType": { + "type": "string", + "enum": [ "OFFICIAL_FIX", "TEMPORARY_FIX", "WORKAROUND", "UNAVAILABLE", "NOT_DEFINED" ] + }, + "confidenceType": { + "type": "string", + "enum": [ "UNKNOWN", "REASONABLE", "CONFIRMED", "NOT_DEFINED" ] + }, + "ciaRequirementType": { + "type": "string", + "enum": [ "LOW", "MEDIUM", "HIGH", "NOT_DEFINED" ] + }, + "scoreType": { + "type": "number", + "minimum": 0, + "maximum": 10 + }, + "severityType": { + "type": "string", + "enum": [ "NONE", "LOW", "MEDIUM", "HIGH", "CRITICAL" ] + } + }, + "properties": { + "version": { + "description": "CVSS Version", + "type": "string", + "enum": [ "3.1" ] + }, + "vectorString": { + "type": "string", + "pattern": "^CVSS:3[.]1/((AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])/)*(AV:[NALP]|AC:[LH]|PR:[NLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$" + }, + "attackVector": { "$ref": "#/definitions/attackVectorType" }, + "attackComplexity": { "$ref": "#/definitions/attackComplexityType" }, + "privilegesRequired": { "$ref": "#/definitions/privilegesRequiredType" }, + "userInteraction": { "$ref": "#/definitions/userInteractionType" }, + "scope": { "$ref": "#/definitions/scopeType" }, + "confidentialityImpact": { "$ref": "#/definitions/ciaType" }, + "integrityImpact": { "$ref": "#/definitions/ciaType" }, + "availabilityImpact": { "$ref": "#/definitions/ciaType" }, + "baseScore": { "$ref": "#/definitions/scoreType" }, + "baseSeverity": { "$ref": "#/definitions/severityType" }, + "exploitCodeMaturity": { "$ref": "#/definitions/exploitCodeMaturityType" }, + "remediationLevel": { "$ref": "#/definitions/remediationLevelType" }, + "reportConfidence": { "$ref": "#/definitions/confidenceType" }, + "temporalScore": { "$ref": "#/definitions/scoreType" }, + "temporalSeverity": { "$ref": "#/definitions/severityType" }, + "confidentialityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, + "integrityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, + "availabilityRequirement": { "$ref": "#/definitions/ciaRequirementType" }, + "modifiedAttackVector": { "$ref": "#/definitions/modifiedAttackVectorType" }, + "modifiedAttackComplexity": { "$ref": "#/definitions/modifiedAttackComplexityType" }, + "modifiedPrivilegesRequired": { "$ref": "#/definitions/modifiedPrivilegesRequiredType" }, + "modifiedUserInteraction": { "$ref": "#/definitions/modifiedUserInteractionType" }, + "modifiedScope": { "$ref": "#/definitions/modifiedScopeType" }, + "modifiedConfidentialityImpact": { "$ref": "#/definitions/modifiedCiaType" }, + "modifiedIntegrityImpact": { "$ref": "#/definitions/modifiedCiaType" }, + "modifiedAvailabilityImpact": { "$ref": "#/definitions/modifiedCiaType" }, + "environmentalScore": { "$ref": "#/definitions/scoreType" }, + "environmentalSeverity": { "$ref": "#/definitions/severityType" } + }, + "required": [ "version", "vectorString", "baseScore", "baseSeverity" ] +} diff --git a/csaf/validation.go b/csaf/validation.go index d2efac6..03a6e4c 100644 --- a/csaf/validation.go +++ b/csaf/validation.go @@ -4,8 +4,11 @@ import ( "context" _ "embed" "encoding/json" + "log" + "net/url" "sort" "strings" + "sync" "github.com/qri-io/jsonschema" ) @@ -13,10 +16,49 @@ import ( //go:embed schema/csaf_json_schema.json var schema []byte +//go:embed schema/cvss-v2.0.json +var cvss20 []byte + +//go:embed schema/cvss-v3.0.json +var cvss30 []byte + +//go:embed schema/cvss-v3.1.json +var cvss31 []byte + +func embedLoader(ctx context.Context, uri *url.URL, schema *jsonschema.Schema) error { + + var data []byte + switch u := uri.String(); u { + case "https://www.first.org/cvss/cvss-v2.0.json": + data = cvss20 + case "https://www.first.org/cvss/cvss-v3.0.json": + data = cvss30 + case "https://www.first.org/cvss/cvss-v3.1.json": + data = cvss31 + default: + log.Printf("escaped schema loader: %s\n", u) + return jsonschema.HTTPSchemaLoader(ctx, uri, schema) + } + if schema == nil { + schema = &jsonschema.Schema{} + } + return json.Unmarshal(data, schema) +} + +var registerEmbedLoaderOnce sync.Once + +func registerEmbedLoader() { + // Hook into schema loading. + slr := jsonschema.GetSchemaLoaderRegistry() + slr.Register("https", embedLoader) +} + // ValidateCSAF validates the document data against the JSON schema // of CSAF. func ValidateCSAF(doc interface{}) ([]string, error) { + registerEmbedLoaderOnce.Do(registerEmbedLoader) + ctx := context.Background() rs := &jsonschema.Schema{} diff --git a/go.mod b/go.mod index db7c792..ead2168 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/PaesslerAG/gval v1.1.2 github.com/PaesslerAG/jsonpath v0.1.1 github.com/ProtonMail/gopenpgp/v2 v2.3.0 - github.com/qri-io/jsonschema v0.2.1 + github.com/qri-io/jsonschema v0.2.2-0.20210831022256-780655b2ba0e ) require ( diff --git a/go.sum b/go.sum index 2ef2e30..98d749c 100644 --- a/go.sum +++ b/go.sum @@ -24,8 +24,8 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/qri-io/jsonpointer v0.1.1 h1:prVZBZLL6TW5vsSB9fFHFAMBLI4b0ri5vribQlTJiBA= github.com/qri-io/jsonpointer v0.1.1/go.mod h1:DnJPaYgiKu56EuDp8TU5wFLdZIcAnb/uH9v37ZaMV64= -github.com/qri-io/jsonschema v0.2.1 h1:NNFoKms+kut6ABPf6xiKNM5214jzxAhDBrPHCJ97Wg0= -github.com/qri-io/jsonschema v0.2.1/go.mod h1:g7DPkiOsK1xv6T/Ao5scXRkd+yTFygcANPBaaqW+VrI= +github.com/qri-io/jsonschema v0.2.2-0.20210831022256-780655b2ba0e h1:gqHzseevuZPr3oOLES1nrPO3exQfeTKUiPcJub5axVs= +github.com/qri-io/jsonschema v0.2.2-0.20210831022256-780655b2ba0e/go.mod h1:g7DPkiOsK1xv6T/Ao5scXRkd+yTFygcANPBaaqW+VrI= github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=