diff --git a/packages/assertions/assertions-csv/changelog.md b/packages/assertions/assertions-csv/changelog.md index 2f909df0d..c5dc81ff2 100644 --- a/packages/assertions/assertions-csv/changelog.md +++ b/packages/assertions/assertions-csv/changelog.md @@ -1,5 +1,5 @@ -# CSV Changelog - 08/10/2023 +# CSV Changelog - 29/02/2024 [Old CSV Path](assertions-csv/oldManual.csv) [New CSV Path](assertions-csv/manual.csv) @@ -7,23 +7,23 @@ ## REMOVED -- `privacy-immutable-id-as-property` was removed +- `td-privacy-immutable-id-as-property` was removed - `security-context-secure-fetch` was removed ## LINE-CHANGE -- `privacy-mutable-identifiers` was moved from Line 51 to 50 -- `privacy-temp-id-metadata` was moved from Line 52 to 51 -- `sec-body-name-json-pointer-type` was moved from Line 53 to 52 -- `sec-inj-no-intl-markup` was moved from Line 54 to 53 -- `security-jsonld-expansion` was moved from Line 56 to 54 -- `security-mutual-auth-td` was moved from Line 57 to 55 -- `security-no-execution` was moved from Line 58 to 56 -- `security-oauth-limits` was moved from Line 59 to 57 -- `security-remote-context` was moved from Line 60 to 58 -- `security-server-auth-td` was moved from Line 61 to 59 -- `security-static-context` was moved from Line 62 to 60 +- `td-privacy-mutable-identifiers` was moved from Line 51 to 50 +- `td-privacy-temp-id-metadata` was moved from Line 52 to 51 +- `td-security-body-name-json-pointer-type` was moved from Line 53 to 52 +- `td-security-inj-no-intl-markup` was moved from Line 54 to 53 +- `td-security-jsonld-expansion` was moved from Line 56 to 54 +- `td-security-mutual-auth-td` was moved from Line 57 to 55 +- `td-security-no-execution` was moved from Line 58 to 56 +- `td-security-oauth-limits` was moved from Line 59 to 57 +- `td-security-remote-context` was moved from Line 60 to 58 +- `td-security-server-auth-td` was moved from Line 61 to 59 +- `td-security-static-context` was moved from Line 62 to 60 - `td-context-ns-td10-namespacev10` was moved from Line 63 to 61 - `td-default-AdditionalResponseContentType` was moved from Line 64 to 62 - `td-default-observable` was moved from Line 65 to 63 @@ -32,10 +32,10 @@ - `td-security-extension` was moved from Line 68 to 66 - `td-text-direction-first-strong` was moved from Line 69 to 67 - `td-text-direction-language-tag` was moved from Line 70 to 68 -- `thing-model-td-generation-processor-extends` was moved from Line 71 to 69 -- `thing-model-td-generation-processor-forms` was moved from Line 72 to 70 -- `thing-model-td-generation-processor-placeholder` was moved from Line 73 to 71 -- `thing-model-td-generation-processor-required` was moved from Line 74 to 72 +- `tm-td-generation-processor-extends` was moved from Line 71 to 69 +- `tm-td-generation-processor-forms` was moved from Line 72 to 70 +- `tm-td-generation-processor-placeholder` was moved from Line 73 to 71 +- `tm-td-generation-processor-required` was moved from Line 74 to 72 - `tm-derivation-validity` was moved from Line 75 to 73 - `tm-overwrite-interaction` was moved from Line 76 to 74 - `tm-overwrite-types` was moved from Line 77 to 75 diff --git a/packages/assertions/assertions-csv/implemented.csv b/packages/assertions/assertions-csv/implemented.csv index 67126c141..8181579a7 100644 --- a/packages/assertions/assertions-csv/implemented.csv +++ b/packages/assertions/assertions-csv/implemented.csv @@ -1,10 +1,4 @@ "ID","Status","Comment","Assertion" -"privacy-distributed-ids","null",,"TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." -"privacy-id-metadata","null",,"TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." -"sec-body-name-json-pointer","null",,"When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with." -"sec-body-name-json-pointer-array","null",,"The JSON pointer used in the body locator MAY use the - character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array" -"sec-security-vocab-auto-in-no-name","null",,"" -"sec-vuln-auto","null",,"" "td-action-arrays","null",,"The type of the members forms MUST be serialized as a JSON array." "td-action-names","null",,"" "td-action-names_at-type","null",,"Each optional vocabulary term as defined in the class Action and its superclass InteractionPattern MUST be serialized as a JSON name within an Action object." @@ -132,6 +126,8 @@ "td-op-for-event","null",,"When a forms term member is present in an Event instance, the value(s) of op in the forms MUST be one of subscribeevent or unsubscribeevent." "td-op-for-property","null",,"When a forms term member is present in a Property instance, the value(s) of op in the forms MUST be one of readproperty, writeproperty or observeproperty." "td-op-for-thing","null",,"When a forms term member is present in a Thing instance, the value(s) of op in the forms MUST be one of readallproperties, writeallproperties, readmultipleproperties or writemultipleproperties." +"td-privacy-distributed-ids","null",,"TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." +"td-privacy-id-metadata","null",,"TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." "td-processor","null",,"" "td-properties","null",,"" "td-properties_existence","null",,"Properties (and sub-properties) offered by a Thing MUST be collected in the JSON-object based properties member with (unique) Property names as JSON names. (Checking their existence)" @@ -174,6 +170,8 @@ "td-security-bearer-format-extensions_alg","null",,"alg: Encoding, encryption, or digest algorithm (one of MD5, ES256, or ES512-256). MUST be included. Type: string." "td-security-bearer-format-extensions_format","null",,"alg: Encoding, encryption, or digest algorithm (one of MD5, ES256, or ES512-256). MUST be included. Type: string." "td-security-binding","null",,"" +"td-security-body-name-json-pointer","null",,"When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with." +"td-security-body-name-json-pointer-array","null",,"The JSON pointer used in the body locator MAY use the - character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array" "td-security-combo-deprecation","null",,"" "td-security-combo-exclusive-oneof-or-allof","null",,"Exactly one of either oneOf or allOf MUST be included." "td-security-in-query-over-uri","null",,"The value uri SHOULD be specified for the name in in a security scheme only if query is not applicable." @@ -185,7 +183,9 @@ "td-security-overrides","null",,"" "td-security-scheme-name","null",,"" "td-security-schemes","null",,"" +"td-security-security-vocab-auto-in-no-name","null",,"" "td-security-uri-variables-distinct","null",,"" +"td-security-vuln-auto","null",,"" "td-string-type","null",,"" "td-text-at-direction","null",,"Given that the Thing Description format is based on JSON-LD 1.1 [[?json-ld11]], @direction with the string values ltr, rtl and null value null MAY be used inside the @context to indicate the default text direction for the human readable strings in the entire TD document." "td-title-description","null",,"" @@ -347,11 +347,11 @@ "td-vocab-uriVariables--Thing","null",,"forms: Indicates one or more endpoints at which operation(s) on this resource are accessible. In this version of TD, all operations that can be described at the Thing level are concerning how to interact with the Thing's Property interaction resources collectively at once. MAY be included. Type: array of Form." "td-vocab-version--Thing","null",,"The version container MAY be used to provide additional application and/or device specific version information based on terms from non-TD namespaces." "td-vocab-writeOnly--DataSchema","null",,"writeOnly: Boolean value that indicates whether a property interaction / value is write only (=true) or not (=false). MUST be included. Type: boolean." -"thing-model-td-generation-processor-imports","null",,"" -"thing-model-td-generation-processor-optional","null",,"" -"thing-model-td-generation-processor-type","null",,"" "tm-compose-name-collision","null",,"" "tm-rel-type-maximum","null",,"" +"tm-td-generation-processor-imports","null",,"" +"tm-td-generation-processor-optional","null",,"" +"tm-td-generation-processor-type","null",,"" "well-known-operation-types-only","null",,"" "tm-compose-instanceName","null",,"" "tm-compose-submodel","null",,"" diff --git a/packages/assertions/assertions-csv/manual-generation-inputs/pre-implemented.csv b/packages/assertions/assertions-csv/manual-generation-inputs/pre-implemented.csv index b43da8c28..c5d201d88 100644 --- a/packages/assertions/assertions-csv/manual-generation-inputs/pre-implemented.csv +++ b/packages/assertions/assertions-csv/manual-generation-inputs/pre-implemented.csv @@ -1,10 +1,4 @@ "ID","Status","Comment","Assertion" -"privacy-distributed-ids","not-impl","data/id must match pattern ""^(urn:uuid:)[a-f0-9]{8}-?[a-f0-9]{4}-?4[a-f0-9]{3}-?[89ab][a-f0-9]{3}-?[a-f0-9]{12}""","TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." -"privacy-id-metadata","not-impl","data/id must match pattern ""^(urn:uuid:)[a-f0-9]{8}-?[a-f0-9]{4}-?4[a-f0-9]{3}-?[89ab][a-f0-9]{3}-?[a-f0-9]{12}""","TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." -"sec-body-name-json-pointer","not-impl",,"When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with." -"sec-body-name-json-pointer-array","not-impl",,"The JSON pointer used in the body locator MAY use the - character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array" -"sec-security-vocab-auto-in-no-name","not-impl",, -"sec-vuln-auto","not-impl",, "td-action-arrays","not-impl","data must have required property 'actions'","The type of the members forms MUST be serialized as a JSON array." "td-action-names","not-impl","Error message can be seen in the children assertions", "td-action-names_at-type","not-impl",,"Each optional vocabulary term as defined in the class Action and its superclass InteractionPattern MUST be serialized as a JSON name within an Action object." @@ -132,6 +126,8 @@ "td-op-for-event","not-impl",,"When a forms term member is present in an Event instance, the value(s) of op in the forms MUST be one of subscribeevent or unsubscribeevent. " "td-op-for-property","not-impl",,"When a forms term member is present in a Property instance, the value(s) of op in the forms MUST be one of readproperty, writeproperty or observeproperty. " "td-op-for-thing","not-impl",,"When a forms term member is present in a Thing instance, the value(s) of op in the forms MUST be one of readallproperties, writeallproperties, readmultipleproperties or writemultipleproperties. " +"td-privacy-distributed-ids","not-impl","data/id must match pattern ""^(urn:uuid:)[a-f0-9]{8}-?[a-f0-9]{4}-?4[a-f0-9]{3}-?[89ab][a-f0-9]{3}-?[a-f0-9]{12}""","TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." +"td-privacy-id-metadata","not-impl","data/id must match pattern ""^(urn:uuid:)[a-f0-9]{8}-?[a-f0-9]{4}-?4[a-f0-9]{3}-?[89ab][a-f0-9]{3}-?[a-f0-9]{12}""","TD identifiers SHOULD be generated using a distributed mechanism such as UUIDs that provides a high probability of uniqueness." "td-processor","pass",, "td-properties","not-impl","Error message can be seen in the children assertions", "td-properties_existence","not-impl","data must have required property 'properties'"," Properties (and sub-properties) offered by a Thing MUST be collected in the JSON-object based properties member with (unique) Property names as JSON names. (Checking their existence)" @@ -174,6 +170,8 @@ "td-security-bearer-format-extensions_alg","not-impl",,"alg: Encoding, encryption, or digest algorithm (one of MD5, ES256, or ES512-256). MUST be included. Type: string." "td-security-bearer-format-extensions_format","not-impl",,"alg: Encoding, encryption, or digest algorithm (one of MD5, ES256, or ES512-256). MUST be included. Type: string." "td-security-binding","pass","result of a merge", +"td-security-body-name-json-pointer","not-impl",,"When used in the context of a body security information location, the value of name MUST be in the form of a JSON pointer [[!RFC6901]] relative to the root of the input DataSchema for each interaction it is used with." +"td-security-body-name-json-pointer-array","not-impl",,"The JSON pointer used in the body locator MAY use the - character to indicate a non-existent array element when it is necessary to insert an element after the last element of an existing array" "td-security-combo-deprecation","not-impl",, "td-security-combo-exclusive-oneof-or-allof","not-impl",,"Exactly one of either oneOf or allOf MUST be included." "td-security-in-query-over-uri","not-impl",,"The value uri SHOULD be specified for the name in in a security scheme only if query is not applicable." @@ -186,7 +184,9 @@ "td-security-overrides","not-impl",, "td-security-scheme-name","pass",, "td-security-schemes","pass",, +"td-security-security-vocab-auto-in-no-name","not-impl",, "td-security-uri-variables-distinct","not-impl","no use of name in a uri apikey scheme", +"td-security-vuln-auto","not-impl",, "td-string-type","pass","result of a merge", "td-text-at-direction","not-impl","data/@context must be array","Given that the Thing Description format is based on JSON-LD 1.1 [[?json-ld11]], @direction with the string values ltr, rtl and null value null MAY be used inside the @context to indicate the default text direction for the human readable strings in the entire TD document." "td-title-description","not-impl","Error message can be seen in the children assertions", @@ -348,22 +348,22 @@ "td-vocab-uriVariables--Thing","not-impl","data must have required property 'uriVariables'","forms: Indicates one or more endpoints at which operation(s) on this resource are accessible. In this version of TD, all operations that can be described at the Thing level are concerning how to interact with the Thing's Property interaction resources collectively at once. MAY be included. Type: array of Form." "td-vocab-version--Thing","not-impl","data must have required property 'version'","The version container MAY be used to provide additional application and/or device specific version information based on terms from non-TD namespaces." "td-vocab-writeOnly--DataSchema","not-impl",,"writeOnly: Boolean value that indicates whether a property interaction / value is write only (=true) or not (=false). MUST be included. Type: boolean." -"thing-model-td-generation-processor-imports","not-impl","td does not link to tm", -"thing-model-td-generation-processor-optional","not-impl","td does not link to tm", -"thing-model-td-generation-processor-type","not-impl","td does not link to tm", "tm-compose-name-collision","not-impl",, "tm-rel-type-maximum","not-impl","no links array in the td", +"tm-td-generation-processor-imports","not-impl","td does not link to tm", +"tm-td-generation-processor-optional","not-impl","td does not link to tm", +"tm-td-generation-processor-type","not-impl","td does not link to tm", "well-known-operation-types-only","not-impl","result of a merge", -"bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." -"bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." -"client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions." -"client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing." -"client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing." -"client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing." -"sec-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." -"server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." -"server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description." -"server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." +"td-bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." +"td-bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." +"td-client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions." +"td-client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing." +"td-client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing." +"td-client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing." +"td-security-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." +"td-server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." +"td-server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description." +"td-server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." "td-context-default-language-direction-independence","null","not testable with Assertion Tester","However, when interpreting human-readable text, each human-readable string value MUST be processed independently." "td-default-alg","null","not testable with Assertion Tester","BearerSecurityScheme alg ES256" "td-default-contentType","null","not testable with Assertion Tester","Form contentType application/json" @@ -400,22 +400,22 @@ "td-security-no-extras","null","not testable with Assertion Tester","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description." "td-security-no-secrets","null","not testable with Assertion Tester","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms." "td-vocabulary-defaults","null","not testable with Assertion Tester","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions." -"privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing." -"privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority." -"privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." -"privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier." -"privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." -"privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." -"sec-body-name-json-pointer-type","null","not testable with Assertion Tester","." -"sec-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." +"td-privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing." +"td-privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority." +"td-privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." +"td-privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier." +"td-privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." +"td-privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." +"td-security-body-name-json-pointer-type","null","not testable with Assertion Tester","." +"td-security-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." "security-context-secure-fetch","null","not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given." -"security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." -"security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." -"security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." -"security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." -"security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts." -"security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." -"security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." +"td-security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." +"td-security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." +"td-security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." +"td-security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." +"td-security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts." +"td-security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." +"td-security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." "td-context-ns-td10-namespacev10","null","not testable with Assertion Tester","TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description]] specification." "td-default-AdditionalResponseContentType","null","not testable with Assertion Tester","AdditionalExpectedResponse contentType value of the contentType of the Form element it belongs to." "td-default-observable","null","not testable with Assertion Tester","PropertyAffordance observable false" @@ -424,6 +424,7 @@ "td-security-extension","null","not testable with Assertion Tester","Additional security schemes MUST be Subclasses of the Class SecurityScheme." "td-text-direction-first-strong","null","not testable with Assertion Tester","When metadata such as @direction is not present, TD Consumers SHOULD use [=first-strong detection=] as a fallback." "td-text-direction-language-tag","null","not testable with Assertion Tester","For the MultiLanguage Map, TD Consumers MAY infer the [=base direction=] from the language tag of the individual strings." +"ID","Status","Comment","Assertion" "tm-compose-instanceName","not-impl",, "tm-compose-submodel","not-impl",, "tm-context-requirement","pass",, @@ -442,10 +443,10 @@ "tm-tmRef-usecase","not-impl",, "tm-tmRef1","not-impl",, "tm-versioning-2","not-impl","data must have required property 'version'", -"thing-model-td-generation-processor-extends","null","not testable with Assertion Tester","If used" -"thing-model-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." -"thing-model-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." -"thing-model-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." +"tm-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with rel:tm:extends MUST be removed from the current Partial TD" +"tm-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." +"tm-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." +"tm-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." "tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model." "tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model." "tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions." diff --git a/packages/assertions/assertions-csv/manual.csv b/packages/assertions/assertions-csv/manual.csv index 1d6d86e3a..43e5563af 100644 --- a/packages/assertions/assertions-csv/manual.csv +++ b/packages/assertions/assertions-csv/manual.csv @@ -1,14 +1,14 @@ "ID","Status","Comment","Assertion" -"bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." -"bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." -"client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions." -"client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing." -"client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing." -"client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing." -"sec-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." -"server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." -"server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description." -"server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." +"td-bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." +"td-bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." +"td-client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions." +"td-client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing." +"td-client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing." +"td-client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing." +"td-security-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." +"td-server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." +"td-server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description." +"td-server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." "td-context-default-language-direction-independence","null","not testable with Assertion Tester","However, when interpreting human-readable text, each human-readable string value MUST be processed independently." "td-default-alg","null","not testable with Assertion Tester","BearerSecurityScheme alg ES256" "td-default-contentType","null","not testable with Assertion Tester","Form contentType application/json" @@ -45,20 +45,20 @@ "td-security-no-extras","null","not testable with Assertion Tester","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description." "td-security-no-secrets","null","not testable with Assertion Tester","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms." "td-vocabulary-defaults","null","not testable with Assertion Tester","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions." -"privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing." -"privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority." -"privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." -"privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." -"privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." -"sec-body-name-json-pointer-type","null","not testable with Assertion Tester","." -"sec-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." -"security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." -"security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." -"security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." -"security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." -"security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts." -"security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." -"security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." +"td-privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing." +"td-privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority." +"td-privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." +"td-privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." +"td-privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." +"td-security-body-name-json-pointer-type","null","not testable with Assertion Tester","." +"td-security-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." +"td-security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." +"td-security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." +"td-security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." +"td-security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." +"td-security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts." +"td-security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." +"td-security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." "td-context-ns-td10-namespacev10","null","not testable with Assertion Tester","TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description]] specification." "td-default-AdditionalResponseContentType","null","not testable with Assertion Tester","AdditionalExpectedResponse contentType value of the contentType of the Form element it belongs to." "td-default-observable","null","not testable with Assertion Tester","PropertyAffordance observable false" @@ -67,10 +67,10 @@ "td-security-extension","null","not testable with Assertion Tester","Additional security schemes MUST be Subclasses of the Class SecurityScheme." "td-text-direction-first-strong","null","not testable with Assertion Tester","When metadata such as @direction is not present, TD Consumers SHOULD use [=first-strong detection=] as a fallback." "td-text-direction-language-tag","null","not testable with Assertion Tester","For the MultiLanguage Map, TD Consumers MAY infer the [=base direction=] from the language tag of the individual strings." -"thing-model-td-generation-processor-extends","null","not testable with Assertion Tester","If used" -"thing-model-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." -"thing-model-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." -"thing-model-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." +"tm-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with rel:tm:extends MUST be removed from the current Partial TD" +"tm-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." +"tm-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." +"tm-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." "tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model." "tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model." "tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions." diff --git a/packages/assertions/assertions-csv/old.csv b/packages/assertions/assertions-csv/old.csv index f44060784..0e35a353a 100644 --- a/packages/assertions/assertions-csv/old.csv +++ b/packages/assertions/assertions-csv/old.csv @@ -1,4 +1,5 @@ "ID","Status","Comment","Assertion" "td-security-oauth2-device-flow",,"not testable with Assertion Tester","For the device flow both authorization and token MUST be included." -"privacy-immutable-id-as-property",,"not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier." -"security-context-secure-fetch",,"not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given." \ No newline at end of file +"td-privacy-immutable-id-as-property",,"not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier." +"security-context-secure-fetch",,"not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given." +"ID",,"not testable with Assertion Tester","Assertion" \ No newline at end of file diff --git a/packages/assertions/assertions-csv/oldManual.csv b/packages/assertions/assertions-csv/oldManual.csv index 6330dbbf5..8bbdb06cd 100644 --- a/packages/assertions/assertions-csv/oldManual.csv +++ b/packages/assertions/assertions-csv/oldManual.csv @@ -1,85 +1,85 @@ -"ID","Status","Comment","Assertion" -"bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member." -"bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction." -"client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions." -"client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing." -"client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing." -"client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing." -"sec-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer." -"server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction." -"server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description." -"server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing." -"td-context-default-language-direction-independence","null","not testable with Assertion Tester","However, when interpreting human-readable text, each human-readable string value MUST be processed independently." -"td-default-alg","null","not testable with Assertion Tester","BearerSecurityScheme alg ES256" -"td-default-contentType","null","not testable with Assertion Tester","Form contentType application/json" -"td-default-format","null","not testable with Assertion Tester","BearerSecurityScheme format jwt" -"td-default-http-method","null","not testable with Assertion Tester","When no method is indicated in a form representing an Protocol Binding based on HTTP, a Default Value MUST be assumed as shown in the following table." -"td-default-http-method_get","null","not testable with Assertion Tester","htv:methodName GET Form with operation type readproperty, readallproperties, readmultipleproperties" -"td-default-http-method_post","null","not testable with Assertion Tester","htv:methodName POST Form with operation type invokeaction" -"td-default-http-method_put","null","not testable with Assertion Tester","htv:methodName PUT Form with operation type writeproperty, writeallproperties, writemultipleproperties" -"td-default-idempotent","null","not testable with Assertion Tester","ActionAffordance idempotent false" -"td-default-in-apikey","null","not testable with Assertion Tester","APIKeySecurityScheme in query" -"td-default-in-basic","null","not testable with Assertion Tester","BasicSecurityScheme in header" -"td-default-in-bearer","null","not testable with Assertion Tester","BearerSecurityScheme in header" -"td-default-in-digest","null","not testable with Assertion Tester","DigestSecurityScheme in header" -"td-default-op-actions","null","not testable with Assertion Tester","Form op invokeaction If defined within an instance of ActionAffordance" -"td-default-op-events","null","not testable with Assertion Tester","Form op Array of string with the elements subscribeevent and unsubscribeevent If defined within an instance of EventAffordance" -"td-default-op-properties","null","not testable with Assertion Tester","Form op Array of string with the elements readproperty and writeproperty when readOnly and writeOnly are set to false or Array of string with the element readproperty when readOnly is set to true or Array of string with the element writeproperty when writeOnly is set to true. If defined within an instance of PropertyAffordance" -"td-default-qop","null","not testable with Assertion Tester","DigestSecurityScheme qop auth" -"td-default-readOnly","null","not testable with Assertion Tester","PropertyAffordance readOnly false The default value for this vocabulary term applies only to the PropertyAffordance level definition. In other contexts, such as DataSchema definitions, the vocabulary term is optional." -"td-default-safe","null","not testable with Assertion Tester","ActionAffordance safe false" -"td-default-success","null","not testable with Assertion Tester","AdditionalExpectedResponse success false" -"td-default-writeOnly","null","not testable with Assertion Tester","PropertyAffordance writeOnly false The default value for this vocabulary term applies only to the PropertyAffordance level definition. In other contexts, such as DataSchema definitions, the vocabulary term is optional." -"td-expectedResponse-default-contentType","null","not testable with Assertion Tester","If no response name-value pair is provided, it MUST be assumed that the content type of the response is equal to the content type assigned to the Form instance." -"td-form-protocolbindings","null","not testable with Assertion Tester","If required, form objects MAY be supplemented with protocol-specific Vocabulary Terms identified with a prefix." -"td-format-validation-other-values","null","not testable with Assertion Tester","When a value that is not found in the known set of values is assigned to format, such a validation SHOULD succeed." -"td-json-open","null","not testable with Assertion Tester","TDs MUST be serialized according to the requirements defined in Section 8.1 of RFC8259 [[!RFC8259]] for open ecosystems." -"td-json-open_accept-byte-order","null","not testable with Assertion Tester","TD Processors MAY ignore the presence of a byte order mark rather than treating it as an error." -"td-json-open_no-byte-order","null","not testable with Assertion Tester","Implementations MUST NOT add a byte order mark (U+FEFF) to the beginning of a TD document." -"td-ns-multilanguage-content-negotiation","null","not testable with Assertion Tester","In cases where the default language has been negotiated, an @language member MUST be present to indicate the result of the negotiation and the corresponding default language of the returned content." -"td-ns-multilanguage-content-negotiation-no-multi","null","not testable with Assertion Tester","When the default language has been negotiated successfully, TD documents SHOULD include the appropriate matching values for the members title and description in preference to MultiLanguage objects in titles and descriptions members." -"td-ns-multilanguage-content-negotiation-optional","null","not testable with Assertion Tester","Note however that Things MAY choose to not support such dynamically-generated TDs nor to support language negotiation (e.g., because of resource constraints)." -"td-processor-serialization","null","not testable with Assertion Tester","A TD Processor MUST be able to serialize Thing Descriptions into the JSON format [[!RFC8259]] and/or deserialize Thing Descriptions from that format, according to the rules noted in and ." -"td-security-binding","null","not testable with Assertion Tester","If a Thing requires a specific access mechanism for an interaction, that mechanism MUST be specified in the security configuration of the Thing Description." -"td-security-in-query-over-uri","null","not testable with Assertion Tester","The value uri SHOULD be specified for the name in in a security scheme only if query is not applicable." -"td-security-no-extras","null","not testable with Assertion Tester","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description." -"td-security-no-secrets","null","not testable with Assertion Tester","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms." -"td-vocabulary-defaults","null","not testable with Assertion Tester","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions." -"privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing." -"privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority." -"privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD." -"privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier." -"privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary." -"privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself." -"sec-body-name-json-pointer-type","null","not testable with Assertion Tester","." -"sec-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings." -"security-context-secure-fetch","null","not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given." -"security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing." -"security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels." -"security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed." -"security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access." -"security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts." -"security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated." -"security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process." -"td-context-ns-td10-namespacev10","null","not testable with Assertion Tester","TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description]] specification." -"td-default-AdditionalResponseContentType","null","not testable with Assertion Tester","AdditionalExpectedResponse contentType value of the contentType of the Form element it belongs to." -"td-default-observable","null","not testable with Assertion Tester","PropertyAffordance observable false" -"td-processor-bidi-isolation","null","not testable with Assertion Tester","TD Processors SHOULD take care to use bidi isolation when presenting strings to users, particularly when embedding in surrounding text (e.g., for Web user interface)" -"td-producer-mixed-direction","null","not testable with Assertion Tester","TD producers SHOULD attempt to provide mixed direction strings in a way that can be displayed successfully by a naive user agent." -"td-security-extension","null","not testable with Assertion Tester","Additional security schemes MUST be Subclasses of the Class SecurityScheme." -"td-text-direction-first-strong","null","not testable with Assertion Tester","When metadata such as @direction is not present, TD Consumers SHOULD use [=first-strong detection=] as a fallback." -"td-text-direction-language-tag","null","not testable with Assertion Tester","For the MultiLanguage Map, TD Consumers MAY infer the [=base direction=] from the language tag of the individual strings." -"thing-model-td-generation-processor-extends","null","not testable with Assertion Tester","If used" -"thing-model-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or ." -"thing-model-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD." -"thing-model-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance." -"tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model." -"tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model." -"tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions." -"tm-placeholder-replacement","null","not testable with Assertion Tester","The placeholder labeling MUST be substituted with a concrete value (e.g., as JSON number, JSON string, JSON object, etc) when TD instance is created from the Thing Model." -"tm-ref-recursive-extensions","null","not testable with Assertion Tester","Recursive extensions leading to an infinite loop MUST NOT be defined." -"tm-tmRef-overwrite-possibility","null","not testable with Assertion Tester","If the intention is to override an existing JSON name-value pair definition from tm:ref, the same JSON name MUST be used at the same level of the tm:ref declaration that provides a new value." -"tm-tmRef-overwrite-process","null","not testable with Assertion Tester","The process to overwrite MUST follow the JSON Merge Patch algorithm as defined in [RFC7396] where the content of the referenced definition is patched with the new provided JSON name-value pairs." -"tm-tmRef-overwrite-semantic-meaning","null","not testable with Assertion Tester","Similar to tm:extends and to keep the semantic meaning, definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin referenced definition." -"tm-tmRef2","null","not testable with Assertion Tester","Every time tm:ref is used, the referenced pre-definition and its dependencies (e.g., by context extension) MUST be assumed at the new defined definition." -"tm-versioning-1","null","not testable with Assertion Tester","When the Thing Model definitions change over time, this SHOULD be reflected in the version container." +"ID","Status","Comment","Assertion", +"td-bindings-requirements-scheme","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST follow the requirements of the Protocol Binding indicated by the URI scheme [[!RFC3986]] of its href member.", +"td-bindings-server-accept","null","not testable with Assertion Tester","Every form in a WoT Thing Description MUST accurately describe requests (including request headers, if present) accepted by the Thing in an interaction.","" +"td-client-data-schema","null","not testable with Assertion Tester","A Consumer when interacting with another target Thingdescribed in a WoT Thing Description MUST generate data organized according to the data schemas given in the correspondinginteractions.", +"td-client-data-schema-accept-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST accept withouterror any additional data not described in the data schemas given in the Thing Description of the target Thing.", +"td-client-data-schema-no-extras","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST NOT generate datanot described in the data schemas given in the Thing Description of that Thing.", +"td-client-uri-template","null","not testable with Assertion Tester","A Consumer when interacting with another Thing MUST generate URIsaccording to the URI Templates, base URIs, and form href parametersgiven in the Thing Description of the target Thing.", +"td-security-body-name-json-pointer-creatable","null","not testable with Assertion Tester","When an element of a data schema indicated by a JSON pointer indicated in a body locator does not already exist in the indicated schema, it MUST be possible to insert the indicated element at the location indicated by the pointer.", +"td-server-data-schema","null","not testable with Assertion Tester","A WoT Thing Description MUST accurately describe the data returned and accepted by each interaction.", +"td-server-data-schema-extras","null","not testable with Assertion Tester","A Thing MAY return additional data from an interactioneven when such data is not described in the data schemas given in its WoT Thing Description.", +"td-server-uri-template","null","not testable with Assertion Tester","URI Templates, base URIs, and href membersin a WoT Thing Description MUST accurately describe the WoT Interface of the Thing.", +"td-context-default-language-direction-independence","null","not testable with Assertion Tester","However, when interpreting human-readable text, each human-readable string value MUST be processed independently.", +"td-default-alg","null","not testable with Assertion Tester","BearerSecurityScheme alg ES256", +"td-default-contentType","null","not testable with Assertion Tester","Form contentType application/json", +"td-default-format","null","not testable with Assertion Tester","BearerSecurityScheme format jwt", +"td-default-http-method","null","not testable with Assertion Tester","When no method is indicated in a form representing an Protocol Binding based on HTTP, a Default Value MUST be assumed as shown in the following table.", +"td-default-http-method_get","null","not testable with Assertion Tester","htv:methodName GET Form with operation type readproperty, readallproperties, readmultipleproperties", +"td-default-http-method_post","null","not testable with Assertion Tester","htv:methodName POST Form with operation type invokeaction", +"td-default-http-method_put","null","not testable with Assertion Tester","htv:methodName PUT Form with operation type writeproperty, writeallproperties, writemultipleproperties", +"td-default-idempotent","null","not testable with Assertion Tester","ActionAffordance idempotent false", +"td-default-in-apikey","null","not testable with Assertion Tester","APIKeySecurityScheme in query", +"td-default-in-basic","null","not testable with Assertion Tester","BasicSecurityScheme in header", +"td-default-in-bearer","null","not testable with Assertion Tester","BearerSecurityScheme in header", +"td-default-in-digest","null","not testable with Assertion Tester","DigestSecurityScheme in header", +"td-default-op-actions","null","not testable with Assertion Tester","Form op invokeaction If defined within an instance of ActionAffordance", +"td-default-op-events","null","not testable with Assertion Tester","Form op Array of string with the elements subscribeevent and unsubscribeevent If defined within an instance of EventAffordance", +"td-default-op-properties","null","not testable with Assertion Tester","Form op Array of string with the elements readproperty and writeproperty when readOnly and writeOnly are set to false or Array of string with the element readproperty when readOnly is set to true or Array of string with the element writeproperty when writeOnly is set to true. If defined within an instance of PropertyAffordance", +"td-default-qop","null","not testable with Assertion Tester","DigestSecurityScheme qop auth", +"td-default-readOnly","null","not testable with Assertion Tester","PropertyAffordance readOnly false The default value for this vocabulary term applies only to the PropertyAffordance level definition. In other contexts, such as DataSchema definitions, the vocabulary term is optional.", +"td-default-safe","null","not testable with Assertion Tester","ActionAffordance safe false", +"td-default-success","null","not testable with Assertion Tester","AdditionalExpectedResponse success false", +"td-default-writeOnly","null","not testable with Assertion Tester","PropertyAffordance writeOnly false The default value for this vocabulary term applies only to the PropertyAffordance level definition. In other contexts, such as DataSchema definitions, the vocabulary term is optional.", +"td-expectedResponse-default-contentType","null","not testable with Assertion Tester","If no response name-value pair is provided, it MUST be assumed that the content type of the response is equal to the content type assigned to the Form instance.", +"td-form-protocolbindings","null","not testable with Assertion Tester","If required, form objects MAY be supplemented with protocol-specific Vocabulary Terms identified with a prefix.", +"td-format-validation-other-values","null","not testable with Assertion Tester","When a value that is not found in the known set of values is assigned to format, such a validation SHOULD succeed.", +"td-json-open","null","not testable with Assertion Tester","TDs MUST be serialized according to the requirements defined in Section 8.1 of RFC8259 [[!RFC8259]] for open ecosystems.", +"td-json-open_accept-byte-order","null","not testable with Assertion Tester","TD Processors MAY ignore the presence of a byte order mark rather than treating it as an error.", +"td-json-open_no-byte-order","null","not testable with Assertion Tester","Implementations MUST NOT add a byte order mark (U+FEFF) to the beginning of a TD document.", +"td-ns-multilanguage-content-negotiation","null","not testable with Assertion Tester","In cases where the default language has been negotiated, an @language member MUST be present to indicate the result of the negotiation and the corresponding default language of the returned content.", +"td-ns-multilanguage-content-negotiation-no-multi","null","not testable with Assertion Tester","When the default language has been negotiated successfully, TD documents SHOULD include the appropriate matching values for the members title and description in preference to MultiLanguage objects in titles and descriptions members.", +"td-ns-multilanguage-content-negotiation-optional","null","not testable with Assertion Tester","Note however that Things MAY choose to not support such dynamically-generated TDs nor to support language negotiation (e.g., because of resource constraints).", +"td-processor-serialization","null","not testable with Assertion Tester","A TD Processor MUST be able to serialize Thing Descriptions into the JSON format [[!RFC8259]] and/or deserialize Thing Descriptions from that format, according to the rules noted in and .", +"td-security-binding","null","not testable with Assertion Tester","If a Thing requires a specific access mechanism for an interaction, that mechanism MUST be specified in the security configuration of the Thing Description.", +"td-security-in-query-over-uri","null","not testable with Assertion Tester","The value uri SHOULD be specified for the name in in a security scheme only if query is not applicable.", +"td-security-no-extras","null","not testable with Assertion Tester","If a Thing does not require a specific access mechanism for an interaction, that mechanism MUST NOT be specified in the security configuration of the Thing Description.", +"td-security-no-secrets","null","not testable with Assertion Tester","For all security schemes, any keys, passwords, or other sensitive information directly providing access MUST NOT be stored in the TD and should instead be shared and stored out-of-band via other mechanisms.", +"td-vocabulary-defaults","null","not testable with Assertion Tester","When assignments in a TD are missing, a TD Processor MUST follow the Default Value assignments expressed in the table of Default Value Definitions.", +"td-privacy-auth-users-only","null","not testable with Assertion Tester","Only authorized users SHOULD be provided access to the Thing Description for a Thing.", +"td-privacy-centralized-ids","null","not testable with Assertion Tester","TD identifiers SHOULD NOT be generated using a centralized authority.", +"td-privacy-essential-metadata-only","null","not testable with Assertion Tester","Only the amount of information needed for the level of authorization and the use case SHOULD be provided in a TD.", +"td-privacy-immutable-id-as-property","null","not testable with Assertion Tester","Ideally, any required immutable identifiers SHOULD only be made available via affordances, such as a property, whose value can only be obtained after appropriate authentication and authorization, and managed separately from the TD identifier.", +"td-privacy-mutable-identifiers","null","not testable with Assertion Tester","All identifiers used in a TD SHOULD be mutable, and in particular there SHOULD be a mechanism to update the id of a Thing when necessary.", +"td-privacy-temp-id-metadata","null","not testable with Assertion Tester","Any temporary ID generated to manage TDs, for example an ID for a database or directory service, SHOULD NOT contain metadata describing the Thing or from the TD itself.", +"td-security-body-name-json-pointer-type","null","not testable with Assertion Tester","The element referenced (or created) by a body security information location MUST be required and of type ""string"".", +"td-security-inj-no-intl-markup","null","not testable with Assertion Tester","HTML markup SHOULD NOT be used for internationalization purposes in TD strings.", +"security-context-secure-fetch","null","not testable with Assertion Tester","If it is necessary to fetch a context definition file, an implementation SHOULD first attempt to use HTTP over TLS even when only an HTTP URL is given.", +"td-security-jsonld-expansion","null","not testable with Assertion Tester","Consumers SHOULD set and enforce limits on memory usage to prevent buffer overflow and resource exhaustion during JSON-LD processing.", +"td-security-mutual-auth-td","null","not testable with Assertion Tester","Thing Descriptions SHOULD be obtained only through mutually authenticated secure channels.", +"td-security-no-execution","null","not testable with Assertion Tester","A WoT Thing Description JSON-LD serialization MUST NOT be passed through a code execution mechanism such as JavaScript's eval() function to be parsed.", +"td-security-oauth-limits","null","not testable with Assertion Tester","To limit the scope and duration of access to Things, tokens SHOULD be used to manage access.", +"td-security-remote-context","null","not testable with Assertion Tester","Constrained implementations SHOULD NOT follow links to remote contexts.", +"td-security-server-auth-td","null","not testable with Assertion Tester","In cases where the Consumer is associated with a person, e.g. browsers, TDs MAY be obtained through a channel where only the TD provider is authenticated.", +"td-security-static-context","null","not testable with Assertion Tester","Constrained implementations SHOULD use vetted versions of their supported context extensions managed statically or as part of a secure update process.", +"td-context-ns-td10-namespacev10","null","not testable with Assertion Tester","TD 1.1 consumers MUST accept TDs satisfying the W3C WoT Thing Description 1.0 [[wot-thing-description]] specification.", +"td-default-AdditionalResponseContentType","null","not testable with Assertion Tester","AdditionalExpectedResponse contentType value of the contentType of the Form element it belongs to.", +"td-default-observable","null","not testable with Assertion Tester","PropertyAffordance observable false", +"td-processor-bidi-isolation","null","not testable with Assertion Tester","TD Processors SHOULD take care to use bidi isolation when presenting strings to users, particularly when embedding in surrounding text (e.g., for Web user interface)", +"td-producer-mixed-direction","null","not testable with Assertion Tester","TD producers SHOULD attempt to provide mixed direction strings in a way that can be displayed successfully by a naive user agent.", +"td-security-extension","null","not testable with Assertion Tester","Additional security schemes MUST be Subclasses of the Class SecurityScheme.", +"td-text-direction-first-strong","null","not testable with Assertion Tester","When metadata such as @direction is not present, TD Consumers SHOULD use [=first-strong detection=] as a fallback.", +"td-text-direction-language-tag","null","not testable with Assertion Tester","For the MultiLanguage Map, TD Consumers MAY infer the [=base direction=] from the language tag of the individual strings.", +"tm-td-generation-processor-extends","null","not testable with Assertion Tester","If used, links element entry with rel:tm:extends MUST be removed from the current Partial TD", +"tm-td-generation-processor-forms","null","not testable with Assertion Tester","Missing communication and/or security metadata details MUST be completed in the Thing Description instance based on Section and/or .", +"tm-td-generation-processor-placeholder","null","not testable with Assertion Tester","If used, all placeholders (see Section ) in the Thing Model MUST be replaced with a valid corresponding value in the Partial TD.", +"tm-td-generation-processor-required","null","not testable with Assertion Tester","All required interactions (not listed in tm:optional) MUST be taken over to the Partial TD instance.", +"tm-derivation-validity","null","not testable with Assertion Tester","When a Thing Descriptions is instantiated by relying on a Thing Model, it SHOULD be valid according to that Thing Model.", +"tm-overwrite-interaction","null","not testable with Assertion Tester","A Thing Model SHOULD NOT overwrite the JSON names defined within the properties, actions, and/or events Map of the extended Thing Model.", +"tm-overwrite-types","null","not testable with Assertion Tester","Definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin extended definitions.", +"tm-placeholder-replacement","null","not testable with Assertion Tester","The placeholder labeling MUST be substituted with a concrete value (e.g., as JSON number, JSON string, JSON object, etc) when TD instance is created from the Thing Model.", +"tm-ref-recursive-extensions","null","not testable with Assertion Tester","Recursive extensions leading to an infinite loop MUST NOT be defined.", +"tm-tmRef-overwrite-possibility","null","not testable with Assertion Tester","If the intention is to override an existing JSON name-value pair definition from tm:ref, the same JSON name MUST be used at the same level of the tm:ref declaration that provides a new value.", +"tm-tmRef-overwrite-process","null","not testable with Assertion Tester","The process to overwrite MUST follow the JSON Merge Patch algorithm as defined in [RFC7396] where the content of the referenced definition is patched with the new provided JSON name-value pairs.", +"tm-tmRef-overwrite-semantic-meaning","null","not testable with Assertion Tester","Similar to tm:extends and to keep the semantic meaning, definitions SHOULD NOT be overwritten in such a way that possible instance values are no longer valid compared to the origin referenced definition.", +"tm-tmRef2","null","not testable with Assertion Tester","Every time tm:ref is used, the referenced pre-definition and its dependencies (e.g., by context extension) MUST be assumed at the new defined definition.", +"tm-versioning-1","null","not testable with Assertion Tester","When the Thing Model definitions change over time, this SHOULD be reflected in the version container.", diff --git a/packages/assertions/assertions-csv/report.json b/packages/assertions/assertions-csv/report.json index c8120e338..4a19c3cdc 100644 --- a/packages/assertions/assertions-csv/report.json +++ b/packages/assertions/assertions-csv/report.json @@ -1 +1 @@ -{"generationDate":"Sun, 08 Oct 2023 06:53:07 GMT","assertionsSize":451,"implementedSize":372,"manualSize":82,"oldSize":3,"needsReviewSize":0} \ No newline at end of file +{"generationDate":"Thu, 29 Feb 2024 13:51:52 GMT","assertionsSize":451,"implementedSize":372,"manualSize":82,"oldSize":4,"needsReviewSize":0} \ No newline at end of file