Use published schema as default one when validating CVE records

RedHatProductSecurity · Nov 23, 2022 · 7cd6458 · 7cd6458
1 parent 9655514
commit 7cd6458
Showing 1 changed file with 12 additions and 1 deletion.
diff --git a/cvelib/cve_api.py b/cvelib/cve_api.py
@@ -34,7 +34,18 @@ class Schemas(Constants):
         V5_SCHEMA = next(SCHEMA_DIR.glob("CVE_JSON_5.0_bundled_*.json"))
 
     @classmethod
-    def validate(cls, cve_json: dict, schema_path: str) -> None:
+    def validate(cls, cve_json: dict, schema_path: Optional[str] = None) -> None:
+        """Validate a CVE record against a JSON schema.
+
+        Optionally, specify a path to a JSON schema file with which to validate the record; if not
+        specified, the Published CNA container schema bundled in cvelib/schemas/ is used. All
+        other schemas in that directory must be explicitly specified, e.g.:
+
+        CveRecord.validate(cve_json, schema_path=CveRecord.Schemas.CNA_REJECTED)
+        """
+        if schema_path is None:
+            schema_path = cls.Schemas.CNA_PUBLISHED
+
         with open(schema_path) as schema_file:
             schema = json.load(schema_file)