Skip to content

Incorrect types for related_ssvc_trees and fixed_by_packages in OpenAPI schema #2364

Description

@lamppu

Hi! I noticed another deficiency in the OpenAPI schema, for the AdvisoryV3 and AffectedByAdvisoryV3 schemas the related_ssvc_trees and fixed_by_packages properties are defined as string-type fields

"related_ssvc_trees": {
    "type": "string",
    "readOnly": true
},
"fixed_by_packages": {
    "type": "string",
    "readOnly": true
}

though related_ssvc_trees is an array of objects, and fixed_by_packages is an array of strings, so should be something like

"related_ssvc_trees": {
    "type": "array",
    "items": {
        "$ref": "#/components/schemas/RelatedSSVCTree"
    }, 
    "readOnly": true
},
"fixed_by_packages": {
    "type": "array",
    "items": {
        "type": "string"
    }, 
    "readOnly": true
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions