Merge pull request #181 from CycloneDX/v1.5-dev-vuln-rejected

Adding support vulnerability rejected timestamp along with unit tests

Author: stevespringett

schema/bom-1.5.proto

@@ -602,6 +602,8 @@ message Vulnerability {
   repeated VulnerabilityAffects affects = 17;
   // Specifies optional, custom, properties
   repeated Property properties = 18;
+  // The date and time (timestamp) when the vulnerability record was rejected (if applicable).
+  optional google.protobuf.Timestamp rejected = 19;
 }
 
 message VulnerabilityReference {

schema/bom-1.5.schema.json

@@ -1702,6 +1702,12 @@
           "title": "Updated",
           "description": "The date and time (timestamp) when the vulnerability record was last updated."
         },
+        "rejected": {
+          "type": "string",
+          "format": "date-time",
+          "title": "Rejected",
+          "description": "The date and time (timestamp) when the vulnerability record was rejected (if applicable)."
+        },
         "credits": {
           "type": "object",
           "title": "Credits",

schema/bom-1.5.xsd

@@ -2130,6 +2130,11 @@ limitations under the License.
                     <xs:documentation>The date and time (timestamp) when the vulnerability record was last updated.</xs:documentation>
                 </xs:annotation>
             </xs:element>
+            <xs:element name="rejected" type="xs:dateTime" minOccurs="0" maxOccurs="1">
+                <xs:annotation>
+                    <xs:documentation>The date and time (timestamp) when the vulnerability record was rejected (if applicable).</xs:documentation>
+                </xs:annotation>
+            </xs:element>
             <xs:element name="credits" minOccurs="0" maxOccurs="1">
                 <xs:annotation>
                     <xs:documentation>Individuals or organizations credited with the discovery of the vulnerability.</xs:documentation>

tools/src/test/resources/1.5/valid-vulnerability-1.5.json

@@ -63,6 +63,7 @@
       "created": "2021-01-01T00:00:00.000Z",
       "published": "2021-01-01T00:00:00.000Z",
       "updated": "2021-01-01T00:00:00.000Z",
+      "rejected": "2022-01-01T00:00:00.000Z",
       "credits": {
         "organizations": [
           {

tools/src/test/resources/1.5/valid-vulnerability-1.5.textproto

@@ -59,6 +59,10 @@ vulnerabilities {
     seconds: 3173618478
     nanos: 3
   }
+  rejected: {
+    seconds: 3173618478
+    nanos: 3
+  }
   credits: {
     organizations: {
       name: "Acme, Inc."

tools/src/test/resources/1.5/valid-vulnerability-1.5.xml

@@ -64,6 +64,7 @@
             <created>2021-01-01T00:00:00.000Z</created>
             <published>2021-01-01T00:00:00.000Z</published>
             <updated>2021-01-01T00:00:00.000Z</updated>
+            <rejected>2022-01-01T00:00:00.000Z</rejected>
             <credits>
                 <organizations>
                     <organization>