i am a bit concerned about possible changes in the future.
What if might transition from JSS to something else some day?
the way it is currently structured will block any path for this.
i'd rather go with something like
{
// ...
"signatures": {
"type": "array",
"minItems": 1,
"items": {
"oneOf": [
{
"type": "object",
"description": "description from cyclonedx-jss_X590_2023_10-2.0.schema.json#/$defs/signatureObject",
"properties": {
"type": { "const": "JSS_X590" },
"data": { "$ref": "cyclonedx-jss_X590_2023_10-2.0.schema.json#/$defs/signatureObject" }
},
"required": ["type", "data"],
"unevaluatedProperties": false
},
// any later type of signature we might add in the future
]
}
}
}Originally posted by @jkowalleck in #858 (comment)
While the recommended approach will not "technically" work, the desire to support multiple signature standards remains. Attempt to devise a way this can be supported in the future.
i am a bit concerned about possible changes in the future.
What if might transition from JSS to something else some day?
the way it is currently structured will block any path for this.
i'd rather go with something like
Originally posted by @jkowalleck in #858 (comment)
While the recommended approach will not "technically" work, the desire to support multiple signature standards remains. Attempt to devise a way this can be supported in the future.