From owner-freebsd-doc@FreeBSD.ORG Fri Jun 1 11:19:53 2012 Return-Path: Delivered-To: freebsd-doc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 733F81065673 for ; Fri, 1 Jun 2012 11:19:53 +0000 (UTC) (envelope-from simon@qxnitro.org) Received: from mail-bk0-f54.google.com (mail-bk0-f54.google.com [209.85.214.54]) by mx1.freebsd.org (Postfix) with ESMTP id DE7F18FC0A for ; Fri, 1 Jun 2012 11:19:52 +0000 (UTC) Received: by bkvi18 with SMTP id i18so2247261bkv.13 for ; Fri, 01 Jun 2012 04:19:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qxnitro.org; s=google; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=Kx8Zn4n059+1MsNgeEJciR+pPssGCUkK6UJ1OTE2MA4=; b=RwFHIA2vkiCS6Kmz3cJr9L/1cIeFkoMRQItsx4KSC0wlnSR0qDBT3pBhznh2SAjOF/ JDLbg9hp+NB+wqDpmkmvsdL9Dwn86wOPVGOC8XUoBPuDnOXH6oaZ+lTN8sL+1eT9Dy9w 74Gx4Mmamls+OJh86kDyXsBr4ISqyfzM5xn/U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding:x-gm-message-state; bh=Kx8Zn4n059+1MsNgeEJciR+pPssGCUkK6UJ1OTE2MA4=; b=RR+0+1sKi4LvFTVNsTWQRcmuk+m72e+utwBk8qkdQA8IAmd7R/4e0k3J+gdjrrzlrA xk/Z7a16sFlLifHvVXc+20RwUl85hAAUhOZWsSbt2kBraoykftQbT+YUYJOoOYQBOinT yq1zodk0GpYeQSCrP/FtBi1/GDjw1Y1HvnsTWUsiNWWpVs2qoKIT59CHVwDNXivV2azh P5likGwQHUUFz9FI5qA7olKwTr2Uxs/fQ4A9z0WPRrUQyiYM4bDBe1/soKkGlC/0spel MmvuJAQy29yUAGOtl2cwnZ9quSY29BkRJ/uXEG6qxVqZZlPOFBor4yfCihk1KzSM8U9J otIg== MIME-Version: 1.0 Received: by 10.204.151.204 with SMTP id d12mr1336129bkw.72.1338549591545; Fri, 01 Jun 2012 04:19:51 -0700 (PDT) Received: by 10.205.39.199 with HTTP; Fri, 1 Jun 2012 04:19:51 -0700 (PDT) X-Originating-IP: [2620:0:1040:204:be30:5bff:fee8:f39d] In-Reply-To: <4FC8959A.8020008@FreeBSD.org> References: <201205302046.q4UKka2f062416@repoman.freebsd.org> <20120530222837.GA94334@dormouse.experts-exchange.com> <4FC7BDE9.40602@FreeBSD.org> <4FC814BB.90507@FreeBSD.org> <4FC8959A.8020008@FreeBSD.org> Date: Fri, 1 Jun 2012 12:19:51 +0100 Message-ID: From: "Simon L. B. Nielsen" To: Doug Barton Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Gm-Message-State: ALoCoQmt1/cuEvUCzhfTI1AIr4O3ByFXr0lt8uso5yMy/uZ51ORMzQhaGNyJv4n3w9YriKJ12AE4 Cc: Eitan Adler , freebsd-doc@freebsd.org, wblock@freebsd.org, Thierry Thomas , Jason Helfman Subject: Re: cvs commit: ports/security/vuxml vuln.xml X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jun 2012 11:19:53 -0000 On Fri, Jun 1, 2012 at 11:12 AM, Doug Barton wrote: > On 06/01/2012 02:55, Simon L. B. Nielsen wrote: >> On Fri, Jun 1, 2012 at 2:02 AM, Doug Barton wrote: >>>> On Thu, 31 May 2012, Doug Barton wrote: >>>> >>>>> On 05/31/2012 09:28 AM, Warren Block wrote: >>>>>> Sorry, I missed the original post and am not quite sure what is bein= g >>>>>> checked. =C2=A0At present, igor doesn't know XML at all. =C2=A0My ho= pe is that >>>>>> some existing XML validator can be used to check tagging and indenta= tion >>>>>> of DocBook XML, and igor can just check for documentation-specific >>>>>> problems. >>>>> >>>>> xmllint does a pretty good job of validation. Not sure how much it he= lps >>>>> with indentation, but it's a good place to start. >>> >>> To amplify that slightly, since "The Fine Manual" leaves something to b= e >>> desired ... >>> >>> xmllint --noout --dtdvalid http://www.vuxml.org/dtd/vuxml-1/vuxml-11.dt= d >>> vuln.xml >>> >>> is what you want to validate that the file matches the DTD (the current >>> version passes). There is no way to use xmllint to "validate the >>> whitespace," but you could theoretically use the --format option as par= t >>> of 'make validate'. Note, that would require a one-time commit to chang= e >>> the current format into what --format outputs, since they are pretty >>> dramatically different. >> >> Just a note, DTD check is unfortunately rather far from validating >> that VuXML entries are valid... > > Right ... the question I was responding to was, "How can we confirm that > the XML is right?" which is a different question altogether. The wacky > default whitespace conventions that we have for that file could be > "fixed" (where that really means standardized on a differently wacky > schema) by the --format option of xmllint. That would take the "human Hmm, I think we use pretty much the doc project style... but I can't remember 100% on the top of my head. > error" element out of the whitespace issue altogether, and avoid the > need to validate it since it would always be standard. > > Validating against the DTD is probably also a good step to add, since if > it doesn't at least pass that test, further attempts to validate the > entries themselves are probably fruitless. Yes, any commit which does not validate against DTD will break the vuxml.org and portaudit builds. That's the bare minimum I expect for any vuln.xml commit. > > IOW, adding xmllint to the mix will probably do more good than harm, > although we need to be careful that we understand what it is, and isn't > doing for us. Eh, make validate in the port does exactly that (run xmllint): http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/vuxml/files/validate.s= h?rev=3D. xsltproc is used for some tidy'ing of the file: http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/vuxml/files/tidy.sh?re= v=3D. --=20 Simon