Schema change / purl-type-definition: Add enum for namespace values #690
Description
This issue is intended to raise the visibility and documentation of a proposed addition to the namespace component in purl-type-definition-schema.json from its introduction in the PR below which is focused on the use of valid/known namespace values for deb and rpm package types:
The context is that purl-type-definition-schema-v1.0.json has been frozen in the form that has been submitted to Ecma/TC54 for publication as the PURL 1.0 standard. In this context any normative change to purl-type-definition-schema.json should be approved by TC54/TG2 and tracked as a future change for the PURL standard.
The proposal is to add a property to the namespace definition as:
"registered_values": {
"title": "Registered values",
"description": "Optional set of regjstered namespace values for this package type. If provided, the namespace value should be one of these.",
"type": "array",
"items": {
"type": "string"
},
"uniqueItems": true
}
NB - I replaced "known" from the PR with "registered" where registered means included in the PURL type definition file.
PR #678 did not include any updates to test files so there is an open question about the expected validation behavior for a PURL with a namespace value that is not in the list of registered values. We should at a minimum agree on how to document the expected validation behavior if:
- A package type implements registered values for its namespace component and
- An otherwise valid PURL includes a namespace value that is not in the list of registered values.
A likely scenario is that the PURL should be validated with a warning or other message that the namespace is not registered, but this requires discussion and may require an enhancement to purl-test-schema.json to handle exception severity levels - e.g., error / warning / info instead of just expected_failure = true or false.