From 6cdd3c12bce952de6802f2b5fa12d2175e4bac7d Mon Sep 17 00:00:00 2001
From: Benjamin
Date: Fri, 25 Apr 2025 15:54:53 +0200
Subject: [PATCH 1/5] feat(CSAF2.1): #196 add optionalTest_6_2_30.js
---
csaf_2_1/optionalTests.js | 24 +++++++
.../recommendedTests/optionalTest_6_2_30.js | 67 +++++++++++++++++++
2 files changed, 91 insertions(+)
create mode 100644 csaf_2_1/optionalTests.js
create mode 100644 csaf_2_1/recommendedTests/optionalTest_6_2_30.js
diff --git a/csaf_2_1/optionalTests.js b/csaf_2_1/optionalTests.js
new file mode 100644
index 00000000..c5fa3e29
--- /dev/null
+++ b/csaf_2_1/optionalTests.js
@@ -0,0 +1,24 @@
+
+export {
+ optionalTest_6_2_1,
+ optionalTest_6_2_2,
+ optionalTest_6_2_4,
+ optionalTest_6_2_5,
+ optionalTest_6_2_6,
+ optionalTest_6_2_7,
+ optionalTest_6_2_8,
+ optionalTest_6_2_9,
+ optionalTest_6_2_10,
+ optionalTest_6_2_11,
+ optionalTest_6_2_12,
+ optionalTest_6_2_13,
+ optionalTest_6_2_14,
+ optionalTest_6_2_15,
+ optionalTest_6_2_16,
+ optionalTest_6_2_17,
+ optionalTest_6_2_18,
+ optionalTest_6_2_19,
+ optionalTest_6_2_20,
+} from '../optionalTests.js'
+export { optionalTest_6_2_3 } from './optionalTests/optionalTest_6_2_3.js'
+export { optionalTest_6_2_30 } from './optionalTests/optionalTest_6_2_30.js'
\ No newline at end of file
diff --git a/csaf_2_1/recommendedTests/optionalTest_6_2_30.js b/csaf_2_1/recommendedTests/optionalTest_6_2_30.js
new file mode 100644
index 00000000..05debb43
--- /dev/null
+++ b/csaf_2_1/recommendedTests/optionalTest_6_2_30.js
@@ -0,0 +1,67 @@
+import Ajv from 'ajv/dist/jtd.js'
+
+const ajv = new Ajv()
+
+/*
+ This is the jtd schema that needs to match the input document so that the
+ test is activated. If this schema doesn't match it normally means that the input
+ document does not validate against the csaf json schema or optional fields that
+ the test checks are not present.
+ */
+const inputSchema = /** @type {const} */ ({
+ additionalProperties: true,
+ properties: {
+ document: {
+ additionalProperties: true,
+ properties: {
+ distribution: {
+ additionalProperties: true,
+ properties: {
+ sharing_group: {
+ additionalProperties: true,
+ properties: {
+ id: { type: 'string' },
+ name: { type: 'string' },
+ },
+ },
+ tlp: {
+ additionalProperties: true,
+ properties: {
+ label: { type: 'string' },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+})
+const validateInput = ajv.compile(inputSchema)
+
+/**
+ * This implements the optional test 6.2.30 of the CSAF 2.1 standard.
+ * @param {any} doc
+ */
+export function optionalTest_6_2_30(doc) {
+ const ctx = {
+ warnings:
+ /** @type {Array<{ instancePath: string; message: string }>} */ ([]),
+ }
+
+ if (!validateInput(doc)) {
+ return ctx
+ }
+
+ // Check for sharing_group usage when TLP is CLEAR
+ if (
+ doc.document.distribution.tlp?.label === 'CLEAR' &&
+ doc.document.distribution.sharing_group
+ ) {
+ ctx.warnings.push({
+ message: 'No sharing group must be used when TLP is CLEAR.',
+ instancePath: `/document/distribution/sharing_group`,
+ })
+ }
+
+ return ctx
+}
From 69cd0ad15d362ce9c351c4bda6b90b51bfd707e9 Mon Sep 17 00:00:00 2001
From: bendo-eXX
Date: Fri, 9 May 2025 15:47:44 +0200
Subject: [PATCH 2/5] Update csaf_2_1/optionalTests/optionalTest_6_2_30.js
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
---
csaf_2_1/recommendedTests/optionalTest_6_2_30.js | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
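Review bot: In `inputSchema`, `id` and `name` sit under a JTD `properties` form, which makes both keys required, so a TLP:CLEAR document whose `sharing_group` carries only an `id` fails `validateInput` and returns an empty warning list. As far as I recall the CSAF 2.1 schema, `name` is optional, which would make this a false negative for exactly the documents the test is meant to flag. The check only needs the object to be present, so the inner schema can be `properties: {}`; patch 3/5 further down this page does that, so the gap is limited to the first two commits. The block comment above `inputSchema` should also say that every key under `properties` is mandatory, e.g. `JTD "properties" are required; the test is skipped when any of them is missing`.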
diff --git a/csaf_2_1/recommendedTests/optionalTest_6_2_30.js b/csaf_2_1/recommendedTests/optionalTest_6_2_30.js index 05debb43..035ae8fb 100644 --- a/csaf_2_1/recommendedTests/optionalTest_6_2_30.js +++ b/csaf_2_1/recommendedTests/optionalTest_6_2_30.js @@ -58,7 +58,7 @@ export function optionalTest_6_2_30(doc) { doc.document.distribution.sharing_group ) { ctx.warnings.push({ - message: 'No sharing group must be used when TLP is CLEAR.', + message: 'TLP:CLEAR documents should not use a "sharing_goup"', instancePath: `/document/distribution/sharing_group`, }) } From e9b811c1c3192590367e25e1d6115f7411553438 Mon Sep 17 00:00:00 2001 From: Benjamin Date: Fri, 9 May 2025 15:57:59 +0200 Subject: [PATCH 3/5] feat: rename Test to recommendedTest_6_2_30.js --- csaf_2_1/optionalTests.js | 24 ------------------- csaf_2_1/recommendedTests.js | 1 + ...st_6_2_30.js => recommendedTest_6_2_30.js} | 13 ++++------ 3 files changed, 6 insertions(+), 32 deletions(-) delete mode 100644 csaf_2_1/optionalTests.js rename csaf_2_1/recommendedTests/{optionalTest_6_2_30.js => recommendedTest_6_2_30.js} (79%) diff --git a/csaf_2_1/optionalTests.js b/csaf_2_1/optionalTests.js deleted file mode 100644 index c5fa3e29..00000000 --- a/csaf_2_1/optionalTests.js +++ /dev/null @@ -1,24 +0,0 @@ - -export { - optionalTest_6_2_1, - optionalTest_6_2_2, - optionalTest_6_2_4, - optionalTest_6_2_5, - optionalTest_6_2_6, - optionalTest_6_2_7, - optionalTest_6_2_8, - optionalTest_6_2_9, - optionalTest_6_2_10, - optionalTest_6_2_11, - optionalTest_6_2_12, - optionalTest_6_2_13, - optionalTest_6_2_14, - optionalTest_6_2_15, - optionalTest_6_2_16, - optionalTest_6_2_17, - optionalTest_6_2_18, - optionalTest_6_2_19, - optionalTest_6_2_20, -} from '../optionalTests.js' -export { optionalTest_6_2_3 } from './optionalTests/optionalTest_6_2_3.js' -export { optionalTest_6_2_30 } from './optionalTests/optionalTest_6_2_30.js' \ No newline at end of file 
diff --git a/csaf_2_1/recommendedTests.js b/csaf_2_1/recommendedTests.js index 641832bb..403a50c8 100644 --- a/csaf_2_1/recommendedTests.js +++ b/csaf_2_1/recommendedTests.js @@ -30,4 +30,5 @@ export { recommendedTest_6_2_22 } from './recommendedTests/recommendedTest_6_2_2 export { recommendedTest_6_2_27 } from './recommendedTests/recommendedTest_6_2_27.js' export { recommendedTest_6_2_28 } from './recommendedTests/recommendedTest_6_2_28.js' export { recommendedTest_6_2_29 } from './recommendedTests/recommendedTest_6_2_29.js' +export { recommendedTest_6_2_30 } from './recommendedTests/recommendedTest_6_2_30.js' export { recommendedTest_6_2_38 } from './recommendedTests/recommendedTest_6_2_38.js' diff --git a/csaf_2_1/recommendedTests/optionalTest_6_2_30.js b/csaf_2_1/recommendedTests/recommendedTest_6_2_30.js similarity index 79% rename from csaf_2_1/recommendedTests/optionalTest_6_2_30.js rename to csaf_2_1/recommendedTests/recommendedTest_6_2_30.js index 035ae8fb..1bedd5c9 100644 --- a/csaf_2_1/recommendedTests/optionalTest_6_2_30.js +++ b/csaf_2_1/recommendedTests/recommendedTest_6_2_30.js @@ -19,10 +19,7 @@ const inputSchema = /** @type {const} */ ({ properties: { sharing_group: { additionalProperties: true, - properties: { - id: { type: 'string' }, - name: { type: 'string' }, - }, + properties: {}, }, tlp: { additionalProperties: true, @@ -42,7 +39,7 @@ const validateInput = ajv.compile(inputSchema) * This implements the optional test 6.2.30 of the CSAF 2.1 standard. * @param {any} doc */ -export function optionalTest_6_2_30(doc) { +export function recommendedTest_6_2_30(doc) { const ctx = { warnings: /** @type {Array<{ instancePath: string; message: string }>} */ ([]), 
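Review bot: The JSDoc kept as context in the `@@ -42,7 +39,7 @@` hunk still reads `This implements the optional test 6.2.30 of the CSAF 2.1 standard.` although the function is now exported as `recommendedTest_6_2_30`; it should say `recommended test`. While touching it, add a return tag such as `@returns {{ warnings: Array<{ instancePath: string; message: string }> }}` and one sentence stating that the same empty list is returned when the document does not match the input schema, so callers do not read "no warnings" as "checked and clean". The function body continues outside this hunk.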
@@ -54,12 +51,12 @@ export function optionalTest_6_2_30(doc) { // Check for sharing_group usage when TLP is CLEAR if ( - doc.document.distribution.tlp?.label === 'CLEAR' && + doc.document.distribution.tlp.label === 'CLEAR' && doc.document.distribution.sharing_group ) { ctx.warnings.push({ - message: 'TLP:CLEAR documents should not use a "sharing_goup"', - instancePath: `/document/distribution/sharing_group`, + instancePath: '/document/distribution/sharing_group', + message: 'TLP:CLEAR documents should not use a "sharing_group"', }) } From 6614f149e18c3a4fb1b99ae882dd7cf1c290b9ef Mon Sep 17 00:00:00 2001 From: bendo-eXX Date: Tue, 24 Jun 2025 16:25:16 +0200 Subject: [PATCH 4/5] feat: add recommendedTest_6_2_30.js for better codeCoverage and update README.md --- README.md | 8 ++++---- tests/csaf_2_1/oasis.js | 1 - tests/csaf_2_1/recommendedTest_6_2_30.js | 11 +++++++++++ 3 files changed, 15 insertions(+), 5 deletions(-) create mode 100644 tests/csaf_2_1/recommendedTest_6_2_30.js diff --git a/README.md b/README.md index f9a60d1b..4235875f 100644 --- a/README.md +++ b/README.md @@ -345,10 +345,6 @@ The following tests are not yet implemented and therefore missing: - Recommeded Test 6.2.24 - Recommeded Test 6.2.25 - Recommeded Test 6.2.26 -- Recommeded Test 6.2.27 -- Recommeded Test 6.2.28 -- Recommeded Test 6.2.29 -- Recommeded Test 6.2.30 - Recommeded Test 6.2.31 - Recommeded Test 6.2.32 - Recommeded Test 6.2.33 @@ -463,6 +459,10 @@ export const recommendedTest_6_2_18: DocumentTest export const recommendedTest_6_2_19: DocumentTest export const recommendedTest_6_2_20: DocumentTest export const recommendedTest_6_2_22: DocumentTest +export const recommendedTest_6_2_27: DocumentTest +export const recommendedTest_6_2_28: DocumentTest +export const recommendedTest_6_2_29: DocumentTest +export const recommendedTest_6_2_30: DocumentTest ``` [(back to top)](#bsi-csaf-validator-lib) diff --git a/tests/csaf_2_1/oasis.js b/tests/csaf_2_1/oasis.js index ed81ff09..fb5fcba8 100644 
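Review bot: Dropping `?.` from `tlp.label` in the `@@ -54,12 +51,12 @@` hunk is safe only because JTD treats every key under `properties` as required, so `validateInput` has already rejected documents without `tlp`; nothing next to the condition says so. A comment such as `// validateInput guarantees distribution.tlp.label and distribution.sharing_group exist (JTD "properties" are required)` would keep a later schema edit, for example moving a key to `optionalProperties`, from turning this line into a TypeError on malformed input. For the same reason the `&& doc.document.distribution.sharing_group` operand is always truthy after the gate, so either drop it or keep it deliberately as a guard and say so. The function starts outside this hunk.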
--- a/tests/csaf_2_1/oasis.js +++ b/tests/csaf_2_1/oasis.js @@ -49,7 +49,6 @@ const excluded = [ '6.2.24', '6.2.25', '6.2.26', - '6.2.30', '6.2.31', '6.2.32', '6.2.33', diff --git a/tests/csaf_2_1/recommendedTest_6_2_30.js b/tests/csaf_2_1/recommendedTest_6_2_30.js new file mode 100644 index 00000000..4eb87212 --- /dev/null +++ b/tests/csaf_2_1/recommendedTest_6_2_30.js @@ -0,0 +1,11 @@ +import assert from 'node:assert' +import { recommendedTest_6_2_30 } from '../../csaf_2_1/recommendedTests.js' + +describe('recommendedTest_6_2_30', function () { + it('only runs on relevant documents', function () { + assert.equal( + recommendedTest_6_2_30({ vulnerabilities: 'mydoc' }).warnings.length, + 0 + ) + }) +}) From d3fef2281cd6298a2c830f7cf9744db2274c1343 Mon Sep 17 00:00:00 2001 From: bendo-eXX Date: Thu, 26 Jun 2025 08:27:25 +0200 Subject: [PATCH 5/5] Update csaf_2_1/recommendedTests/recommendedTest_6_2_30.js Co-authored-by: Rainer Schneider <97682836+rainer-exxcellent@users.noreply.github.com> --- csaf_2_1/recommendedTests/recommendedTest_6_2_30.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/csaf_2_1/recommendedTests/recommendedTest_6_2_30.js b/csaf_2_1/recommendedTests/recommendedTest_6_2_30.js index 1bedd5c9..98fe9370 100644 --- a/csaf_2_1/recommendedTests/recommendedTest_6_2_30.js +++ b/csaf_2_1/recommendedTests/recommendedTest_6_2_30.js @@ -56,7 +56,7 @@ export function recommendedTest_6_2_30(doc) { ) { ctx.warnings.push({ instancePath: '/document/distribution/sharing_group', - message: 'TLP:CLEAR documents should not use a "sharing_group"', + message: `TLP:CLEAR documents should not use a 'sharing_group'`, }) }
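Review bot: The only case in the new tests/csaf_2_1/recommendedTest_6_2_30.js exercises the early-return path, because `{ vulnerabilities: 'mydoc' }` fails the input schema, so the branch that emits the warning is never asserted in this file. Removing `'6.2.30'` from `excluded` in oasis.js presumably brings in the OASIS sample documents, but that list is not visible here and a local positive and negative case would pin the behaviour independently of it. A validator that silently stops flagging TLP:CLEAR advisories carrying a sharing group is the regression worth guarding against. The cases below use constructed sample values.

```javascript
describe('recommendedTest_6_2_30', function () {
  // … unchanged: 'only runs on relevant documents' case …

  it('warns when a TLP:CLEAR document carries a sharing_group', function () {
    const result = recommendedTest_6_2_30({
      document: {
        distribution: {
          // constructed sample id
          sharing_group: { id: '00000000-0000-4000-8000-000000000000' },
          tlp: { label: 'CLEAR' },
        },
      },
    })
    assert.equal(result.warnings.length, 1)
    assert.equal(
      result.warnings[0].instancePath,
      '/document/distribution/sharing_group'
    )
  })

  it('does not warn for a restricted TLP label', function () {
    const result = recommendedTest_6_2_30({
      document: {
        distribution: {
          // constructed sample id
          sharing_group: { id: '00000000-0000-4000-8000-000000000000' },
          tlp: { label: 'AMBER' },
        },
      },
    })
    assert.equal(result.warnings.length, 0)
  })
})
```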