Trustable Compliance Report#
Item status guide#
Each item in a Trustable Graph is scored with a number between 0 and 1. The score represents aggregated organizational confidence in a given Statement, with larger numbers corresponding to higher confidence. Scores in the report are indicated by both a numerical score and the colormap below:
The status of an item and its links also affect the score.
Unreviewed items are indicated by a cross in the status column. The score of unreviewed items is always set to zero.
Suspect links are indicated by a cross in the status column. The contribution to the score of a parent item by a suspiciously linked child is always zero, regardless of the child’s own score.
Compliance for AOU#
This presents the compliance for the Assumptions of Use (AOU) in tabular form.
Item |
Summary |
Score |
Status |
|---|---|---|---|
The integrator shall report problems with eclipse-score/inc_nlohmann_json’s implementation to the upstream nlohmann/json repository whenever a problem is detected. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that the build environment used for eclipse-score/inc_nlohmann_json is supplied with consistent dependencies in every integrating system. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that integrator-controlled mirrors of the dependencies of the nlohmann/json repository are persistently and accessibly stored as long as the nlohmann/json library is used within eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that exceptions are properly handled or turned off in eclipse-score/inc_nlohmann_json, whenever eclipse-score/inc_nlohmann_json’s implementation of nlohmann/json is used. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that in eclipse-score/inc_nlohmann_json, input is encoded as UTF-8 (as required by RFC8259) and that in case other string formats are used, thrown exceptions are properly handled. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that in eclipse-score/inc_nlohmann_json brace initialization (e.g. json j{true};) is not used with the types basic_json, json, or ordered_json, unless an object or array is created. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure in eclipse-score/inc_nlohmann_json that exceptions, which are expected during parsing with default parameters, are properly handled whenever the input is no valid JSON. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that all necessary source files and built tools are mirrored in eclipse-score/inc_nlohmann_json, e.g. using a built server without internet access, as long as nlohmann/json is actively used within eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure inside eclipse-score/inc_nlohmann_json that advanced warning indicators for misbehaviours are identified, and monitoring mechanisms are specified, verified and validated based on analysis. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall, whenever possible, turn any remaining Assumptions-of-Use (AOU) items into statements and add suitable references and/or validators. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall, whenever possible, replace outdated and/or provide additional references and validators that would further improve the trustability of a statement. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that the eclipse-score/inc_nlohmann_json is built with tools from the provided matrix specification, whenever nlohmann/json is used within eclipse-score/inc_nlohmann_json. (not yet provided) |
0.00 |
⨯ Item Reviewed |
|
The integrator shall maintain mirrors for all code and tools utilized in testing as long as nlohmann/json is actively used within eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall use C++ versions and compilers that are tested in the CI pipeline, whenever nlohmann/json is used within eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall identify misbehaviours for the nlohmann/json library, define appropriate mitigations, and ensure that these mitigations are thoroughly validated, whenever using eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that monitoring data from deployed software is accurately captured, securely stored, and well-documented for analysis within eclipse-score/inc_nlohmann_json, as long as the nlohmann/json library is actively used within eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall analyze monitoring data systematically to detect trends and identify issues, as long as the nlohmann/json library is actively used within eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that the keys within an object are unique, whenever an object is to be parsed by eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that a string does not contain escaped unpaired utf-16 surrogate characters, and that exceptions are properly handled in eclipse-score/inc_nlohmann_json, whenever a string is to be parsed. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that numbers are written in base 10, and that exceptions and misbehaviours in case that any other base is used are properly handled and mitigated within eclipse-score/inc_nlohmann_json, whenever a number is parsed. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that data are complete and error-free, whenever they are transmitted to eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that the data do not change during reading, whenever transmitted to eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall convince themselves that the behaviour of the used C++ standard library is known, verified and validated. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall convince themselves that the misbehaviours of the C++ standard library and mitigations are known, verified and validated. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that the ‘Release management’ and ‘Update concepts’ in TSF/README.md are followed whenever any changes are done in eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall ensure that the known open bugs of the nlohmann/json repository are regularly reviewed on their impact on the use of the documented version of nlohmann/json, as long as the nlohmann/json library is actively used within eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall check the security tab in the GitHub UI on a regular basis, analyze and either fix or dismiss any outstanding CVEs. |
0.00 |
⨯ Item Reviewed |
|
The integrator shall review the answers to each of the TSF evidence lists in the TA_CONTEXT files (see e.g., TSF/trustable/assertions/TA-ANALYSIS_CONTEXT.md). For each point that has not already been fulfilled, the integrator shall evaluate it and provide the relevant evidence if possible. |
0.00 |
⨯ Item Reviewed |
Compliance for JLEX#
This presents the compliance for the JSON-Library Expectations (JLEX) in tabular form.
Item |
Summary |
Score |
Status |
|---|---|---|---|
The requirement regarding JSON Validation is fulfilled. |
0.00 |
⨯ Item Reviewed |
|
The requirement regarding JSON Deserialization is fulfilled. |
0.00 |
⨯ Item Reviewed |
Compliance for JLS#
This presents the compliance for the JSON-Library Statements (JLS) in tabular form.
Item |
Summary |
Score |
Status |
|---|---|---|---|
The CI pipeline in nlohmann/json executes the unit and integration test suites on each pull request (opened, reopened, synchronized). |
0.00 |
⨯ Item Reviewed |
|
Fuzz testing is used in the original nlohmann/json repository (https://github.com/nlohmann/json) to uncover edge cases and failure modes throughout development. (https://github.com/nlohmann/json/blob/develop/tests/fuzzing.md) |
0.00 |
⨯ Item Reviewed |
|
Automated tests within the TSF documentation are reviewed by a Subject Matter Expert to verify they test the properties they claim to. |
0.00 |
⨯ Item Reviewed |
|
External dependencies within nlohmann/json are checked for potential security vulnerabilities with each pull request to main. Merging is blocked until all warnings are resolved. |
0.00 |
⨯ Item Reviewed |
|
The nlohmann/json library is widely used and actively maintained; bugs and misbehaviours are tracked publicly and transparently. |
0.00 |
⨯ Item Reviewed |
|
Pull requests in the nlohmann/json repository are merged only after code review. |
0.00 |
⨯ Item Reviewed |
|
The develop branch of nlohmann/json is protected, i.e. no direct commits are possible. |
0.00 |
⨯ Item Reviewed |
|
Each statement within the TSF documentation is scored based on SME reviews or automatic validation functions. (TODO) |
0.00 |
⨯ Item Reviewed |
|
Scores within the TSF documentation are reasonably, systematically and repeatably accumulated. (TODO) |
0.00 |
⨯ Item Reviewed |
|
Every release of nlohmann/json includes source code, build instructions, tests and attestations. (TODO: Test result summary) |
0.00 |
⨯ Item Reviewed |
|
Outstanding bugs or misbehaviours are analyzed within eclipse-score/inc_nlohmann_json to determine whether they are relevant for S-CORE’s use cases of the nlohmann/json library. |
0.00 |
⨯ Item Reviewed |
|
The nlohmann/json repository has well-defined community standards, including a contribution guideline and a security policy. |
0.00 |
⨯ Item Reviewed |
|
The S-Core methodologies are followed in eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
The SHA value of the nlohmann/json library in use within eclipse-score/inc_nlohmann_json coincides with the SHA value provided by Niels Lohmann for that version. |
0.00 |
⨯ Item Reviewed |
|
A list of tests, which is extracted from the test execution, is provided, along with a list of test environments. |
0.00 |
⨯ Item Reviewed |
|
A github workflow calculates the fraction of expectations covered by tests in eclipse-score/inc_nlohmann_json (TODO). |
0.00 |
⨯ Item Reviewed |
|
Results from tests are accurately captured. |
0.00 |
⨯ Item Reviewed |
|
All library components, build dependencies, and build tools in the nlohmann/json repository are declared in build system manifests. |
0.00 |
⨯ Item Reviewed |
|
A github workflow of eclipse-score/inc_nlohmann_json saves the history of scores in the trustable graph to derive trends. |
0.00 |
⨯ Item Reviewed |
|
A score is calculated based on the number of mirrored and unmirrored things. (TODO) |
0.00 |
⨯ Item Reviewed |
|
A github workflow of eclipse-score/inc_nlohmann_json executes the unit tests daily and saves the results as time-series data. |
0.00 |
⨯ Item Reviewed |
|
The Eclipse S-CORE organization mirrors the nlohmann/json project in a github fork. |
0.00 |
⨯ Item Reviewed |
|
The nlohmann/json library recognizes malformed JSON and returns an exception. |
0.00 |
⨯ Item Reviewed |
|
Malicious code changes in nlohmann/json are mitigated by code reviews, adhering to the contribution guidelines and security policy specified by nlohmann/json. |
0.00 |
⨯ Item Reviewed |
|
Any failed CI pipeline executions in the master branch of the nlohmann/json repository are analyzed and fixed. |
0.00 |
⨯ Item Reviewed |
|
The test coverage for this version of nlohmann/json is monitored using Coveralls and is not decreasing over time, unless reasonably justified. |
0.00 |
⨯ Item Reviewed |
|
Outstanding bugs and misbehaviours are triaged in the nlohmann/json repository. |
0.00 |
⨯ Item Reviewed |
|
Known bugs, misbehaviours and CVEs are analyzed and either fixed or mitigated in the nlohmann/json repository. |
0.00 |
⨯ Item Reviewed |
|
Outstanding CVEs are analyzed within eclipse-score/inc_nlohmann_json to determine whether they can be dismissed, and/or are relevant for S-CORE’s use cases of the nlohmann/json library. |
0.00 |
⨯ Item Reviewed |
|
The nlohmann/json repository uses a static code analysis tool. |
0.00 |
⨯ Item Reviewed |
|
All pull requests to the develop branch in the nlohmann/json repository trigger a request for review from Niels Lohmann (@nlohmann). |
0.00 |
⨯ Item Reviewed |
|
Outstanding CVEs are triaged in the nlohmann/json repository. |
0.00 |
⨯ Item Reviewed |
|
The nlohmann/json library has no external components or dependencies besides the C++ standard components. |
0.00 |
⨯ Item Reviewed |
|
Pull requests in the nlohmann/json repository are merged only after running CI-tests and successfully passing the pipeline. |
0.00 |
⨯ Item Reviewed |
Compliance for NJF#
This presents the compliance for the No JSON Faults (NJF) in tabular form.
Item |
Summary |
Score |
Status |
|---|---|---|---|
The service provided by the nlohmann/json library accepts the literal name null. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts the literal name true. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts the literal name false. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept any other literal name. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts and rejects arrays according to RFC8259 §5. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts the empty array. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts the non-empty arrays. |
0.00 |
⨯ Item Reviewed |
|
If every value candidate of a properly bounded array is accepted as singleton, then the service provided by the nlohmann/json library accepts the array. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept any improperly bounded arrays. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept arrays with improper values. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts nested arrays. |
0.00 |
⨯ Item Reviewed |
|
The acceptance of nested arrays by the service provided by the nlohmann/json library does not depend on the depth of nesting. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does only accept comma as value separator. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does accept comma as value separator. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept any other value separator. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts and rejects objects according to RFC8259 §4. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts the empty object. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept improperly bounded objects. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts the non-empty objects. |
0.00 |
⨯ Item Reviewed |
|
The admissible members of an object provided to the eclipse-score/inc_nlohmann_json have the form name : value. |
0.00 |
⨯ Item Reviewed |
|
If the service provided by the nlohmann/json library recognises the name candidate as string, then it accepts the name candidate. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept any other token as name. |
0.00 |
⨯ Item Reviewed |
|
If the service provided by the nlohmann/json library accepts the value-candidate as a singleton, then the value-candidate is accepted. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept objects with improper members. |
0.00 |
⨯ Item Reviewed |
|
If the service provided by the nlohmann/json library does not accept any name candidate as singleton, then the service does not accept the object candidate. |
0.00 |
⨯ Item Reviewed |
|
If the service provided by the nlohmann/json library does not accept any value candidate as singleton, then the service does not accept the object candidate. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts the nested objects. |
0.00 |
⨯ Item Reviewed |
|
The acceptance of nested objects inside the nlohmann/json library does not depend on the depth of nesting. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does only accept comma as member separator. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts comma as member separator. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept any other member separator. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts and rejects strings according to RFC8259 §7. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does accept empty strings. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept the improperly bounded strings. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept unescaped control characters. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does accept escaped control characters. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts UTF-16 surrogate pairs. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does accept non-empty strings. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept escaped invalid characters. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept single unpaired utf-16 surrogates. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept unescaped UTF-16 surrogate pairs. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts numbers according to RFC8259 §6. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does accept integers within the limits of 64-bit double. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does accept integers according to IEEE 754 binary64. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept NaN and infinity. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does accept e or E for numbers with exponent within the bounds of double. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept u0415 and u0436 (cyrillic e and E) as exponent signs in numbers with exponent. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept invalid syntax for numbers. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does accept decimal points in numbers within the bounds of double. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept leading zeroes. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept any other digit symbol than 0-9. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library decodes UTF-8 data. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library rejects malformed UTF-8 data. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library rejects “overlong sequences”. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library rejects single escaped and unescaped, and paired unescaped utf-16 surrogates. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts Non-Characters. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts well-formed UTF-8 data. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts JSON data consisting of combinations of the data types. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library accepts a single complete UTF-8 byte order mark at the beginning of the input only. |
0.00 |
⨯ Item Reviewed |
|
If the service provided by the nlohmann/json library accepts an input containing no BOM, then it accepts a single UTF-8 byte order mark followed by that input. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept multiple UTF-8 byte order marks. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept incomplete or perturbed UTF-8 byte order marks within the first three characters of the input. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept UTF-16 and UTF-32 byte order marks instead of the UTF-8 byte order mark. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not accept UTF-8 byte order mark outside of a string and outside of the first three characters of the input. |
0.00 |
⨯ Item Reviewed |
Compliance for NPF#
This presents the compliance for the No Parsing Faults (NPF) in tabular form.
Item |
Summary |
Score |
Status |
|---|---|---|---|
The service provided by the nlohmann/json library ignores the presence of a byte order mark. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores the presence of a single UTF-8 byte order mark at the very beginning of the input. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not parse multiple UTF-8 byte order marks at the beginning of the input and throws an exception. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not parse UTF-8 byte order marks outside of a string and the first three characters of the input, and throws an exception. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not parse UTF-16 and UTF-32 byte order mark instead of an UTF-8 byte order mark, and throws an exception. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library does not parse partial and perturbed UTF-8 byte order marks within the first three characters of the input and throws an exception. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses numbers according to RFC8259. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses integers without exponent within the precision of int64_t. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores trailing zeroes after the decimal point. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses numbers within the 64-bit double range but outside of the double precision without throwing an exception and without guarantee of precision. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores capitalisation of the exponent. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses integers with exponent within the precision of 64-bit double. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses floating point values without exponent within the precision of 64-bit double. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses floating point values with exponent within the precision of 64-bit double. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores leading zeroes in the exponent. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses integers within IEEE 754-2008 binary64. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores leading and trailing whitespace. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores one singular leading plus of the exponent. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses floating point numbers within IEEE 754-2008 binary64 standard. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses strings according to RFC8259. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores leading and trailing whitespace. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses escaped characters in the basic multilingual plane. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores capitalisation in escaped hexadecimal unicode. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses all unescaped utf-8 characters except quotation marks, reverse solidus and the control characters. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses \, \/, \b,\f, \n, \r, \t and escaped quotation marks. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses the empty string. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses non-empty strings. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses literal names “true”, “false” and “null” according to RFC8259. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores leading and trailing whitespace. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses the literal name true. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses the literal name false. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses the literal name null. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses arrays according to RFC8259. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores leading and trailing whitespace for each value. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses empty arrays. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses non-empty arrays. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses objects according to RFC8259. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores leading and trailing whitespace for name and value of each member. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses duplicate names without error and reports the last member with that name only. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses empty objects. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses non-empty objects. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses well-formed UTF-8 encoded data only. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses UTF-8 encoded data. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on ill-formed UTF-8 data. |
0.00 |
⨯ Item Reviewed |
Compliance for PJD#
This presents the compliance for the Parse JSON Data (PJD) in tabular form.
Item |
Summary |
Score |
Status |
|---|---|---|---|
The service provided by the nlohmann/json library provides implementations that parses JSON texts, which ignores the presence of a byte order mark rather than treating it as an error. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library transforms a JSON text into a C++ representation using C++ containers (for arrays and objects) and primitive datatypes (for strings, numbers, boolean, null). |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library parses all texts that conform to the JSON grammar. |
0.00 |
⨯ Item Reviewed |
Compliance for TA#
This presents the compliance for the Trustable Assertions (TA) in tabular form.
Item |
Summary |
Score |
Status |
|---|---|---|---|
Collected data from tests and monitoring of deployed software in eclipse-score/inc_nlohmann_json is analysed according to specified objectives. |
0.00 |
⨯ Item Reviewed |
|
Expected or required behaviours for the nlohmann/json library are identified, specified, verified and validated based on analysis. |
0.00 |
⨯ Item Reviewed |
|
Confidence in the nlohmann/json library is measured based on results of analysis. |
0.00 |
⨯ Item Reviewed |
|
Constraints on adaptation and deployment of eclipse-score/inc_nlohmann_json are specified. |
0.00 |
⨯ Item Reviewed |
|
Data in eclipse-score/inc_nlohmann_json is collected from tests, and from monitoring of deployed software, according to specified objectives. |
0.00 |
⨯ Item Reviewed |
|
In the nlohmann/json repository, known bugs or misbehaviours are analysed and triaged, and critical fixes or mitigations are implemented or applied. |
0.00 |
⨯ Item Reviewed |
|
In eclipse-score/inc_nlohmann_json, advanced warning indicators for misbehaviours are identified, and monitoring mechanisms are specified, verified and validated based on analysis. |
0.00 |
⨯ Item Reviewed |
|
All inputs to the nlohmann/json library are assessed, to identify potential risks and issues. |
0.00 |
⨯ Item Reviewed |
|
All constructed iterations of the nlohmann/json library include source code, build instructions, tests, results and attestations. |
0.00 |
⨯ Item Reviewed |
|
Manual methodologies applied for the nlohmann/json library by contributors, and their results, are managed according to specified objectives. |
0.00 |
⨯ Item Reviewed |
|
Prohibited misbehaviours for the nlohmann/json library are identified, and mitigations are specified, verified and validated based on analysis. |
0.00 |
⨯ Item Reviewed |
|
Construction of releases for the nlohmann/json library is fully repeatable and the results are fully reproducible, with any exceptions documented and justified. |
0.00 |
⨯ Item Reviewed |
|
All sources and tools for the nlohmann/json library are mirrored in our controlled environment. |
0.00 |
⨯ Item Reviewed |
|
All tests for the nlohmann/json library, and its build and test environments, are constructed from controlled/mirrored sources and are reproducible, with any exceptions documented. |
0.00 |
⨯ Item Reviewed |
|
nlohmann/json library components, configurations and tools are updated under specified change and configuration management controls. |
0.00 |
⨯ Item Reviewed |
|
All specified tests are executed repeatedly, under defined conditions in controlled environments, according to specified objectives. (To revisit) |
0.00 |
⨯ Item Reviewed |
Compliance for TIJ#
This presents the compliance for the Throw Ill-Formed JSON (TIJ) in tabular form.
Item |
Summary |
Score |
Status |
|---|---|---|---|
The parsing service provided by the nlohmann/json library throws an exception on ill-formed literal names. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on capitalised literal names. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on any other than the three literal names true, false, null. |
0.00 |
⨯ Item Reviewed |
|
The parsing service provided by the nlohmann/json library throws an exception on ill-formed numbers. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on leading plus. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on leading zeroes. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on NaN and infinity. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on U+0415 and U+0436 instead of U+0045 or U+0065. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on invalid number syntax. |
0.00 |
⨯ Item Reviewed |
|
The parsing service provided by the nlohmann/json library throws an exception on ill-formed strings. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on unescaped control characters. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on unpaired utf-16 surrogates. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on improperly bounded strings. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on escaped invalid characters. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on incorrect surrogate pairs. |
0.00 |
⨯ Item Reviewed |
|
The parsing service provided by the nlohmann/json library throws an exception on ill-formed arrays. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on improperly bounded arrays. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on improper values within a properly bounded array. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on improper value separators. |
0.00 |
⨯ Item Reviewed |
|
The parsing service provided by the nlohmann/json library throws an exception on ill-formed objects. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on improperly bounded objects. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception if a non-string is used as name of any member. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception if an improper string is used as name of any member. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception if any member has an improper value. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library throws an exception on improper member separators. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library recognises ill-formed byte-order marks and throws an exception. |
0.00 |
⨯ Item Reviewed |
Compliance for TRUSTABLE#
This presents the ultimate trustability score for nlohmann/json.
Item |
Summary |
Score |
Status |
|---|---|---|---|
This release of JSON-Library also referred in the documentation as nlohmann/json library is Trustable. |
0.00 |
⨯ Item Reviewed |
Compliance for TT#
This presents the compliance for the Trustable Tenets (TT) in tabular form.
Item |
Summary |
Score |
Status |
|---|---|---|---|
The nlohmann/json library is actively maintained, with regular updates to dependencies, and changes are verified to prevent regressions. |
0.00 |
⨯ Item Reviewed |
|
Confidence in the nlohmann/json library is achieved by measuring and analysing behaviour and evidence over time within eclipse-score/inc_nlohmann_json. |
0.00 |
⨯ Item Reviewed |
|
Tools are provided to build the nlohmann/json library from trusted sources (also provided) with full reproducibility. |
0.00 |
⨯ Item Reviewed |
|
Documentation is provided within eclipse-score/inc_nlohmann_json, specifying what the nlohmann/json library is expected to do, and what it must not do, and how this is verified. |
0.00 |
⨯ Item Reviewed |
|
All inputs (and attestations for claims) for the nlohmann/json library are provided with known provenance. |
0.00 |
⨯ Item Reviewed |
|
Evidence is provided within eclipse-score/inc_nlohmann_json to demonstrate that the nlohmann/json library does what it is supposed to do, and does not do what it must not do. |
0.00 |
⨯ Item Reviewed |
Compliance for WFJ#
This presents the compliance for Well Formed JSON (WFJ) in tabular form.
Item |
Summary |
Score |
Status |
|---|---|---|---|
The service provided by the nlohmann/json library checks the well-formedness of the literal names. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library checks the well-formedness of strings. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library checks the well-formedness of numbers. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library checks the well-formedness of array. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library checks the well-formedness of objects. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library checks that a JSON value must be an object, array, number, or string, or one of the lowercase literal names false, null, or true |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library checks that JSON is only serialized using UTF-8. |
0.00 |
⨯ Item Reviewed |
|
The service provided by the nlohmann/json library ignores byte order marks. |
0.00 |
⨯ Item Reviewed |
Generated for: Software
Repository root: /home/runner/work/inc_nlohmann_json/inc_nlohmann_json
Commit SHA: f61e53be2bba6d0e091a9bbe4252190e5e5f8019
Commit date/time: 2025-11-26 12:04:09 UTC
Commit tag: f61e53b