From 3101424f249d5e64742ddbfe0c07580727a94526 Mon Sep 17 00:00:00 2001
From: Vijay Sarvepalli <vssarvepalli@cert.org>
Date: Thu, 11 Jul 2024 16:17:34 -0400
Subject: [PATCH 1/6] Updates to schema to add schemaVersion as optional field

---
 .../system_exposure_1_0_0.json                |  3 +-
 .../current/Decision_Point_Group.schema.json  |  2 +-
 .../v1/Decision_Point-1-0-1.schema.json       | 61 ++++++++++---------
 ...=> Decision_Point_Group-1-0-1.schema.json} |  9 ++-
 ...on_Point_Value_Selection-1-0-1.schema.json |  2 +
 src/ssvc/__init__.py                          |  2 +
 src/ssvc/_mixins.py                           |  3 +-
 src/test/test_schema.py                       | 33 +++++-----
 8 files changed, 66 insertions(+), 49 deletions(-)
 rename data/schema/v1/{Decision_Point_Group-1-0-1.json => Decision_Point_Group-1-0-1.schema.json} (82%)

diff --git a/data/json/decision_points/system_exposure_1_0_0.json b/data/json/decision_points/system_exposure_1_0_0.json
index 60b5dc75..5a7d0043 100644
--- a/data/json/decision_points/system_exposure_1_0_0.json
+++ b/data/json/decision_points/system_exposure_1_0_0.json
@@ -1,5 +1,6 @@
 {
   "namespace": "ssvc",
+  "schemaVersion": "1-0-1",
   "version": "1.0.0",
   "key": "EXP",
   "name": "System Exposure",
@@ -21,4 +22,4 @@
       "description": "Internet or another widely accessible network where access cannot plausibly be restricted or controlled (e.g., DNS servers, web servers, VOIP servers, email servers)"
     }
   ]
-}
\ No newline at end of file
+}
diff --git a/data/schema/current/Decision_Point_Group.schema.json b/data/schema/current/Decision_Point_Group.schema.json
index ac51774b..22a4f53a 120000
--- a/data/schema/current/Decision_Point_Group.schema.json
+++ b/data/schema/current/Decision_Point_Group.schema.json
@@ -1 +1 @@
-../v1/Decision_Point_Group-1-0-1.json
\ No newline at end of file
+../v1/Decision_Point_Group-1-0-1.schema.json
\ No newline at end of file
diff --git a/data/schema/v1/Decision_Point-1-0-1.schema.json b/data/schema/v1/Decision_Point-1-0-1.schema.json
index b642cd06..ff9f3d48 100644
--- a/data/schema/v1/Decision_Point-1-0-1.schema.json
+++ b/data/schema/v1/Decision_Point-1-0-1.schema.json
@@ -36,34 +36,38 @@
 	    "type": "object",
 	    "additionalProperties": false,
 	    "properties": {
-            "namespace": {
-		"type": "string",
-		"description": "Namespace (a short, unique string): For example, \"ssvc\" or \"cvss\" to indicate the source of the decision point"
-            },
-            "version": {
-		"type": "string",
-		"description": "Version (a semantic version string) that identifies this object"
-            },
-            "key": {
-		"type": "string",
-		"description": "A key (a short, unique string) that can be used to identify the Decision Point/Decision Point value in a shorthand way"
-            },
-            "name": {
-		"type": "string",
-		"description": "A short label that captures the description of the Decision Point or the Group of Decision Points."
-            },
-            "description": {
-		"type": "string",
-		"description": "q Description of the Decision Point or the Group of Decision Points as defined."
-            },
-            "values": {
-		"description": "Decision Point Values are valid results from a Decision Point",
-		"uniqueItems": true,
-		"type": "array",
-		"items": {
-		    "$ref": "#/definitions/decision_point_value"
+		"schemaVersion": {
+		    "$ref": "#/definitions/schemaVersion"
+		},
+		"namespace": {
+		    "type": "string",
+		    "description": "Namespace (a short, unique string): For example, \"ssvc\" or \"cvss\" to indicate the source of the decision point"
+		},
+		"version": {
+		    "type": "string",
+		    "description": "Version (a semantic version string) that identifies this object"
+		},
+		"key": {
+		    "type": "string",
+		    "description": "A key (a short, unique string) that can be used to identify the Decision Point/Decision Point value in a shorthand way"
+		},
+		"name": {
+		    "type": "string",
+		    "description": "A short label that captures the description of the Decision Point or the Group of Decision Points."
+		},
+		"description": {
+		    "type": "string",
+		    "description": "q Description of the Decision Point or the Group of Decision Points as defined."
+		},
+		"values": {
+		    "description": "Decision Point Values are valid results from a Decision Point",
+		    "uniqueItems": true,
+		    "type": "array",
+		    "minItems": 1,
+		    "items": {
+			"$ref": "#/definitions/decision_point_value"
+		    }
 		}
-            }
 	    },
 	    "required": [
 		"namespace",
@@ -71,7 +75,8 @@
 		"key",
 		"name",
 		"description",
-		"values"
+		"values",
+		"schemaVersion"
 	    ]
 	}
     },
diff --git a/data/schema/v1/Decision_Point_Group-1-0-1.json b/data/schema/v1/Decision_Point_Group-1-0-1.schema.json
similarity index 82%
rename from data/schema/v1/Decision_Point_Group-1-0-1.json
rename to data/schema/v1/Decision_Point_Group-1-0-1.schema.json
index 40838cad..b1c1a4e7 100644
--- a/data/schema/v1/Decision_Point_Group-1-0-1.json
+++ b/data/schema/v1/Decision_Point_Group-1-0-1.schema.json
@@ -12,6 +12,9 @@
 	    "type": "object",
 	    "additionalProperties": false,
 	    "properties": {
+		"schemaVersion": {
+                    "$ref": "#/definitions/schemaVersion"
+                },
 		"version": {
 		    "type": "string",
 		    "description": "Version (a semantic version string) that identifies this object"
@@ -26,8 +29,9 @@
 		},
 		"decision_points": {
 		    "type": "array",
+		    "minItems": 1,
 		    "items": {
-			"$ref": "https://certcc.github.io/SSVC/data/schema/Decision_Point.schema.json"
+			"$ref": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point-1-0-1.schema.json"
 		    }
 		}
 	    },
@@ -35,7 +39,8 @@
 		"version",
 		"name",
 		"description",
-		"decision_points"
+		"decision_points",
+		"schemaVersion"
 	    ]
 	}
     },
diff --git a/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json b/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
index 5703f47f..d9455057 100644
--- a/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
+++ b/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
@@ -41,6 +41,7 @@
 		    "description": "Evaluated values of the Decision Point",
 		    "title": "values",
 		    "type": "array",
+		    "minItems": 1,
 		    "items": {
 			"description": "Each value that were down-selected for a Decision Point",
 			"title": "values",
@@ -80,6 +81,7 @@
 		    "description" : "An array of Decision Points and their Values that were down-selected or evaluated ",
 		    "title": "selections",
 		    "type": "array",
+		    "minItems": 1,
 		    "items": {
 			"$ref": "#/definitions/SsvcdecisionpointselectionSchema"
 		    }
diff --git a/src/ssvc/__init__.py b/src/ssvc/__init__.py
index 87d6fd03..31995ad1 100644
--- a/src/ssvc/__init__.py
+++ b/src/ssvc/__init__.py
@@ -13,3 +13,5 @@
 """
 Provides SSVC modules.
 """
+
+_schemaVersion = "1-0-1"
diff --git a/src/ssvc/_mixins.py b/src/ssvc/_mixins.py
index c68db33e..609c7b73 100644
--- a/src/ssvc/_mixins.py
+++ b/src/ssvc/_mixins.py
@@ -22,6 +22,7 @@
 
 from dataclasses_json import config, dataclass_json
 
+from . import _schemaVersion
 
 @dataclass_json
 @dataclass(kw_only=True)
@@ -31,7 +32,7 @@ class _Versioned:
     """
 
     version: str = "0.0.0"
-
+    schemaVersion: str = _schemaVersion
 
 @dataclass_json
 @dataclass(kw_only=True)
diff --git a/src/test/test_schema.py b/src/test/test_schema.py
index b34ed47b..4fb346fb 100644
--- a/src/test/test_schema.py
+++ b/src/test/test_schema.py
@@ -16,6 +16,9 @@
 import unittest
 
 import jsonschema
+from jsonschema import Draft202012Validator
+from referencing import Registry, Resource
+import os
 
 import ssvc.decision_points  # noqa F401
 from ssvc.decision_points.base import REGISTERED_DECISION_POINTS
@@ -29,15 +32,16 @@
 # importing these causes the decision points to register themselves
 from ssvc.dp_groups.ssvc.collections import SSVCv1, SSVCv2, SSVCv2_1  # noqa
 
+def retrieve_local(uri):
+    fileuri = uri.replace("https://certcc.github.io/SSVC", os.getcwd())
+    if os.path.exists(fileuri):
+        fh = open(fileuri)
+        schema = json.load(fh)
+        fh.close()
+        return Resource.from_contents(schema)
+    raise FileNotFoundError(f"Could not find DEBUG path issues {fileuri}")
 
-def find_schema(basepath: str) -> str:
-    import os
-
-    for pfx in (".", "..", "../.."):
-        path = os.path.join(pfx, basepath)
-        if os.path.exists(path):
-            return path
-    raise FileNotFoundError(f"Could not find {basepath}")
+registry = Registry(retrieve=retrieve_local)
 
 
 class MyTestCase(unittest.TestCase):
@@ -64,8 +68,7 @@ def test_confirm_registered_decision_points(self):
 
     def test_decision_point_validation(self):
         # path relative to top level of repo
-        schema_file = find_schema("data/schema/current/Decision_Point.schema.json")
-        schema = json.load(open(schema_file))
+        schema_url = "https://certcc.github.io/SSVC/data/schema/current/Decision_Point.schema.json"
 
         decision_points = list(REGISTERED_DECISION_POINTS)
         self.assertGreater(len(decision_points), 0)
@@ -76,7 +79,7 @@ def test_decision_point_validation(self):
             loaded = json.loads(as_json)
 
             try:
-                jsonschema.validate(loaded, schema)
+                Draft202012Validator({"$ref": schema_url}, registry=registry).validate(loaded)
             except jsonschema.exceptions.ValidationError as e:
                 exp = e
 
@@ -86,21 +89,19 @@ def test_decision_point_validation(self):
             )
 
     def test_decision_point_group_validation(self):
-        schema_file = find_schema("data/schema/current/Decision_Point_Group.schema.json")
-        schema = json.load(open(schema_file))
-
+        schema_url = "https://certcc.github.io/SSVC/data/schema/current/Decision_Point_Group.schema.json"
         for dpg in self.dpgs:
             exp = None
             as_json = dpg.to_json()
             loaded = json.loads(as_json)
 
             try:
-                jsonschema.validate(loaded, schema)
+                Draft202012Validator({"$ref": schema_url},registry=registry).validate(loaded)
             except jsonschema.exceptions.ValidationError as e:
                 exp = e
 
             self.assertIsNone(exp, f"Validation failed for {dpg.name} {dpg.version}")
-            self.logger.debug(f"Validation passed for {dpg.name} v{dpg.version}")
+            self.logger.debug(f"Validation passed for Decision Point Group {dpg.name} v{dpg.version}")
 
 
 if __name__ == "__main__":

From f4d2decb06a4fb33eb11c059bca69685386d4f55 Mon Sep 17 00:00:00 2001
From: Vijay Sarvepalli <vssarvepalli@cert.org>
Date: Fri, 12 Jul 2024 17:59:18 -0400
Subject: [PATCH 2/6] Updated all data/json/decision_point/* files
 appropriately with schemaVersion field

---
 data/json/decision_points/automatable_2_0_0.json                 | 1 +
 data/json/decision_points/exploitation_1_0_0.json                | 1 +
 data/json/decision_points/exploitation_1_1_0.json                | 1 +
 data/json/decision_points/human_impact_1_0_0.json                | 1 +
 data/json/decision_points/human_impact_2_0_0.json                | 1 +
 data/json/decision_points/human_impact_2_0_1.json                | 1 +
 .../decision_points/mission_and_well-being_impact_1_0_0.json     | 1 +
 data/json/decision_points/mission_impact_1_0_0.json              | 1 +
 data/json/decision_points/mission_impact_2_0_0.json              | 1 +
 data/json/decision_points/public_safety_impact_1_0_0.json        | 1 +
 data/json/decision_points/public_safety_impact_2_0_0.json        | 1 +
 data/json/decision_points/public_safety_impact_2_0_1.json        | 1 +
 data/json/decision_points/public_value_added_1_0_0.json          | 1 +
 data/json/decision_points/public_well-being_impact_1_0_0.json    | 1 +
 data/json/decision_points/report_credibility_1_0_0.json          | 1 +
 data/json/decision_points/report_public_1_0_0.json               | 1 +
 data/json/decision_points/safety_impact_1_0_0.json               | 1 +
 data/json/decision_points/safety_impact_2_0_0.json               | 1 +
 data/json/decision_points/supplier_cardinality_1_0_0.json        | 1 +
 data/json/decision_points/supplier_contacted_1_0_0.json          | 1 +
 data/json/decision_points/supplier_engagement_1_0_0.json         | 1 +
 data/json/decision_points/supplier_involvement_1_0_0.json        | 1 +
 data/json/decision_points/system_exposure_1_0_0.json             | 1 +
 data/json/decision_points/system_exposure_1_0_1.json             | 1 +
 data/json/decision_points/technical_impact_1_0_0.json            | 1 +
 data/json/decision_points/utility_1_0_0.json                     | 1 +
 data/json/decision_points/utility_1_0_1.json                     | 1 +
 data/json/decision_points/value_density_1_0_0.json               | 1 +
 data/json/decision_points/virulence_1_0_0.json                   | 1 +
 29 files changed, 29 insertions(+)

diff --git a/data/json/decision_points/automatable_2_0_0.json b/data/json/decision_points/automatable_2_0_0.json
index 9a0369b2..d3719742 100644
--- a/data/json/decision_points/automatable_2_0_0.json
+++ b/data/json/decision_points/automatable_2_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.0",
   "key": "A",
diff --git a/data/json/decision_points/exploitation_1_0_0.json b/data/json/decision_points/exploitation_1_0_0.json
index 9f287310..5ea674fd 100644
--- a/data/json/decision_points/exploitation_1_0_0.json
+++ b/data/json/decision_points/exploitation_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "E",
diff --git a/data/json/decision_points/exploitation_1_1_0.json b/data/json/decision_points/exploitation_1_1_0.json
index bebf78a3..fadd91e8 100644
--- a/data/json/decision_points/exploitation_1_1_0.json
+++ b/data/json/decision_points/exploitation_1_1_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.1.0",
   "key": "E",
diff --git a/data/json/decision_points/human_impact_1_0_0.json b/data/json/decision_points/human_impact_1_0_0.json
index 9d056efa..051c3789 100644
--- a/data/json/decision_points/human_impact_1_0_0.json
+++ b/data/json/decision_points/human_impact_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "HI",
diff --git a/data/json/decision_points/human_impact_2_0_0.json b/data/json/decision_points/human_impact_2_0_0.json
index b2e5ab7a..27166e3b 100644
--- a/data/json/decision_points/human_impact_2_0_0.json
+++ b/data/json/decision_points/human_impact_2_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.0",
   "key": "HI",
diff --git a/data/json/decision_points/human_impact_2_0_1.json b/data/json/decision_points/human_impact_2_0_1.json
index 6c83e47e..80b1d1d3 100644
--- a/data/json/decision_points/human_impact_2_0_1.json
+++ b/data/json/decision_points/human_impact_2_0_1.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.1",
   "key": "HI",
diff --git a/data/json/decision_points/mission_and_well-being_impact_1_0_0.json b/data/json/decision_points/mission_and_well-being_impact_1_0_0.json
index 9751bded..a9f85575 100644
--- a/data/json/decision_points/mission_and_well-being_impact_1_0_0.json
+++ b/data/json/decision_points/mission_and_well-being_impact_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "MWI",
diff --git a/data/json/decision_points/mission_impact_1_0_0.json b/data/json/decision_points/mission_impact_1_0_0.json
index 456db1bd..42221205 100644
--- a/data/json/decision_points/mission_impact_1_0_0.json
+++ b/data/json/decision_points/mission_impact_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "MI",
diff --git a/data/json/decision_points/mission_impact_2_0_0.json b/data/json/decision_points/mission_impact_2_0_0.json
index 9d096ce0..a9378b8e 100644
--- a/data/json/decision_points/mission_impact_2_0_0.json
+++ b/data/json/decision_points/mission_impact_2_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.0",
   "key": "MI",
diff --git a/data/json/decision_points/public_safety_impact_1_0_0.json b/data/json/decision_points/public_safety_impact_1_0_0.json
index bc8ec442..0426c72b 100644
--- a/data/json/decision_points/public_safety_impact_1_0_0.json
+++ b/data/json/decision_points/public_safety_impact_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "PSI",
diff --git a/data/json/decision_points/public_safety_impact_2_0_0.json b/data/json/decision_points/public_safety_impact_2_0_0.json
index 81f414d8..f4890df9 100644
--- a/data/json/decision_points/public_safety_impact_2_0_0.json
+++ b/data/json/decision_points/public_safety_impact_2_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.0",
   "key": "PSI",
diff --git a/data/json/decision_points/public_safety_impact_2_0_1.json b/data/json/decision_points/public_safety_impact_2_0_1.json
index b993b033..74693702 100644
--- a/data/json/decision_points/public_safety_impact_2_0_1.json
+++ b/data/json/decision_points/public_safety_impact_2_0_1.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.1",
   "key": "PSI",
diff --git a/data/json/decision_points/public_value_added_1_0_0.json b/data/json/decision_points/public_value_added_1_0_0.json
index 566b80c4..8345355c 100644
--- a/data/json/decision_points/public_value_added_1_0_0.json
+++ b/data/json/decision_points/public_value_added_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "PVA",
diff --git a/data/json/decision_points/public_well-being_impact_1_0_0.json b/data/json/decision_points/public_well-being_impact_1_0_0.json
index 7e6556f4..10d10d78 100644
--- a/data/json/decision_points/public_well-being_impact_1_0_0.json
+++ b/data/json/decision_points/public_well-being_impact_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "PWI",
diff --git a/data/json/decision_points/report_credibility_1_0_0.json b/data/json/decision_points/report_credibility_1_0_0.json
index 0b1c910a..b8dd759a 100644
--- a/data/json/decision_points/report_credibility_1_0_0.json
+++ b/data/json/decision_points/report_credibility_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "RC",
diff --git a/data/json/decision_points/report_public_1_0_0.json b/data/json/decision_points/report_public_1_0_0.json
index 195b8c33..72babfcc 100644
--- a/data/json/decision_points/report_public_1_0_0.json
+++ b/data/json/decision_points/report_public_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "RP",
diff --git a/data/json/decision_points/safety_impact_1_0_0.json b/data/json/decision_points/safety_impact_1_0_0.json
index f76474e1..cdf74c68 100644
--- a/data/json/decision_points/safety_impact_1_0_0.json
+++ b/data/json/decision_points/safety_impact_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "SI",
diff --git a/data/json/decision_points/safety_impact_2_0_0.json b/data/json/decision_points/safety_impact_2_0_0.json
index 795813bb..f62db6e7 100644
--- a/data/json/decision_points/safety_impact_2_0_0.json
+++ b/data/json/decision_points/safety_impact_2_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.0",
   "key": "SI",
diff --git a/data/json/decision_points/supplier_cardinality_1_0_0.json b/data/json/decision_points/supplier_cardinality_1_0_0.json
index 36088dcc..a41903bb 100644
--- a/data/json/decision_points/supplier_cardinality_1_0_0.json
+++ b/data/json/decision_points/supplier_cardinality_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "SC",
diff --git a/data/json/decision_points/supplier_contacted_1_0_0.json b/data/json/decision_points/supplier_contacted_1_0_0.json
index 526ef3e0..9cc7e6b7 100644
--- a/data/json/decision_points/supplier_contacted_1_0_0.json
+++ b/data/json/decision_points/supplier_contacted_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "SC",
diff --git a/data/json/decision_points/supplier_engagement_1_0_0.json b/data/json/decision_points/supplier_engagement_1_0_0.json
index cce9d92a..df4df175 100644
--- a/data/json/decision_points/supplier_engagement_1_0_0.json
+++ b/data/json/decision_points/supplier_engagement_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "SE",
diff --git a/data/json/decision_points/supplier_involvement_1_0_0.json b/data/json/decision_points/supplier_involvement_1_0_0.json
index 0adcf48d..6d20be11 100644
--- a/data/json/decision_points/supplier_involvement_1_0_0.json
+++ b/data/json/decision_points/supplier_involvement_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "SI",
diff --git a/data/json/decision_points/system_exposure_1_0_0.json b/data/json/decision_points/system_exposure_1_0_0.json
index 5a7d0043..42f1b5b8 100644
--- a/data/json/decision_points/system_exposure_1_0_0.json
+++ b/data/json/decision_points/system_exposure_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "schemaVersion": "1-0-1",
   "version": "1.0.0",
diff --git a/data/json/decision_points/system_exposure_1_0_1.json b/data/json/decision_points/system_exposure_1_0_1.json
index f287944d..9dcb0906 100644
--- a/data/json/decision_points/system_exposure_1_0_1.json
+++ b/data/json/decision_points/system_exposure_1_0_1.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.1",
   "key": "EXP",
diff --git a/data/json/decision_points/technical_impact_1_0_0.json b/data/json/decision_points/technical_impact_1_0_0.json
index a844a82b..4c0cc802 100644
--- a/data/json/decision_points/technical_impact_1_0_0.json
+++ b/data/json/decision_points/technical_impact_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "TI",
diff --git a/data/json/decision_points/utility_1_0_0.json b/data/json/decision_points/utility_1_0_0.json
index c71273ce..d34f975a 100644
--- a/data/json/decision_points/utility_1_0_0.json
+++ b/data/json/decision_points/utility_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "U",
diff --git a/data/json/decision_points/utility_1_0_1.json b/data/json/decision_points/utility_1_0_1.json
index a1b72bce..093eb8f7 100644
--- a/data/json/decision_points/utility_1_0_1.json
+++ b/data/json/decision_points/utility_1_0_1.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.1",
   "key": "U",
diff --git a/data/json/decision_points/value_density_1_0_0.json b/data/json/decision_points/value_density_1_0_0.json
index 2c2db1a4..902ec005 100644
--- a/data/json/decision_points/value_density_1_0_0.json
+++ b/data/json/decision_points/value_density_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "VD",
diff --git a/data/json/decision_points/virulence_1_0_0.json b/data/json/decision_points/virulence_1_0_0.json
index dfa91097..973fc173 100644
--- a/data/json/decision_points/virulence_1_0_0.json
+++ b/data/json/decision_points/virulence_1_0_0.json
@@ -1,4 +1,5 @@
 {
+  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
   "key": "V",

From d33154cc74fce79f73df9654a3ae058c77b4ccef Mon Sep 17 00:00:00 2001
From: Allen Householder <adh@cert.org>
Date: Mon, 15 Jul 2024 15:05:08 -0400
Subject: [PATCH 3/6] run doctools.py on the current code

---
 data/json/decision_points/automatable_2_0_0.json             | 2 +-
 data/json/decision_points/exploitation_1_0_0.json            | 2 +-
 data/json/decision_points/exploitation_1_1_0.json            | 2 +-
 data/json/decision_points/human_impact_2_0_0.json            | 2 +-
 data/json/decision_points/human_impact_2_0_1.json            | 2 +-
 .../decision_points/mission_and_well-being_impact_1_0_0.json | 2 +-
 data/json/decision_points/mission_impact_1_0_0.json          | 2 +-
 data/json/decision_points/mission_impact_2_0_0.json          | 2 +-
 data/json/decision_points/public_safety_impact_2_0_0.json    | 2 +-
 data/json/decision_points/public_safety_impact_2_0_1.json    | 2 +-
 data/json/decision_points/public_value_added_1_0_0.json      | 2 +-
 .../json/decision_points/public_well-being_impact_1_0_0.json | 2 +-
 data/json/decision_points/report_credibility_1_0_0.json      | 2 +-
 data/json/decision_points/report_public_1_0_0.json           | 2 +-
 data/json/decision_points/safety_impact_1_0_0.json           | 2 +-
 data/json/decision_points/safety_impact_2_0_0.json           | 2 +-
 data/json/decision_points/supplier_cardinality_1_0_0.json    | 2 +-
 data/json/decision_points/supplier_contacted_1_0_0.json      | 2 +-
 data/json/decision_points/supplier_engagement_1_0_0.json     | 2 +-
 data/json/decision_points/supplier_involvement_1_0_0.json    | 2 +-
 data/json/decision_points/system_exposure_1_0_0.json         | 5 ++---
 data/json/decision_points/system_exposure_1_0_1.json         | 2 +-
 data/json/decision_points/technical_impact_1_0_0.json        | 2 +-
 data/json/decision_points/utility_1_0_0.json                 | 2 +-
 data/json/decision_points/utility_1_0_1.json                 | 2 +-
 data/json/decision_points/value_density_1_0_0.json           | 2 +-
 data/json/decision_points/virulence_1_0_0.json               | 2 +-
 27 files changed, 28 insertions(+), 29 deletions(-)

diff --git a/data/json/decision_points/automatable_2_0_0.json b/data/json/decision_points/automatable_2_0_0.json
index d3719742..90ac4a09 100644
--- a/data/json/decision_points/automatable_2_0_0.json
+++ b/data/json/decision_points/automatable_2_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.0",
+  "schemaVersion": "1-0-1",
   "key": "A",
   "name": "Automatable",
   "description": "Can an attacker reliably automate creating exploitation events for this vulnerability?",
diff --git a/data/json/decision_points/exploitation_1_0_0.json b/data/json/decision_points/exploitation_1_0_0.json
index 5ea674fd..d7099083 100644
--- a/data/json/decision_points/exploitation_1_0_0.json
+++ b/data/json/decision_points/exploitation_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "E",
   "name": "Exploitation",
   "description": "The present state of exploitation of the vulnerability.",
diff --git a/data/json/decision_points/exploitation_1_1_0.json b/data/json/decision_points/exploitation_1_1_0.json
index fadd91e8..aed0a7af 100644
--- a/data/json/decision_points/exploitation_1_1_0.json
+++ b/data/json/decision_points/exploitation_1_1_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.1.0",
+  "schemaVersion": "1-0-1",
   "key": "E",
   "name": "Exploitation",
   "description": "The present state of exploitation of the vulnerability.",
diff --git a/data/json/decision_points/human_impact_2_0_0.json b/data/json/decision_points/human_impact_2_0_0.json
index 27166e3b..ce7a8b4e 100644
--- a/data/json/decision_points/human_impact_2_0_0.json
+++ b/data/json/decision_points/human_impact_2_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.0",
+  "schemaVersion": "1-0-1",
   "key": "HI",
   "name": "Human Impact",
   "description": "Human Impact is a combination of Safety and Mission impacts.",
diff --git a/data/json/decision_points/human_impact_2_0_1.json b/data/json/decision_points/human_impact_2_0_1.json
index 80b1d1d3..fd21da49 100644
--- a/data/json/decision_points/human_impact_2_0_1.json
+++ b/data/json/decision_points/human_impact_2_0_1.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.1",
+  "schemaVersion": "1-0-1",
   "key": "HI",
   "name": "Human Impact",
   "description": "Human Impact is a combination of Safety and Mission impacts.",
diff --git a/data/json/decision_points/mission_and_well-being_impact_1_0_0.json b/data/json/decision_points/mission_and_well-being_impact_1_0_0.json
index a9f85575..d63cda57 100644
--- a/data/json/decision_points/mission_and_well-being_impact_1_0_0.json
+++ b/data/json/decision_points/mission_and_well-being_impact_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "MWI",
   "name": "Mission and Well-Being Impact",
   "description": "Mission and Well-Being Impact is a combination of Mission Prevalence and Public Well-Being Impact.",
diff --git a/data/json/decision_points/mission_impact_1_0_0.json b/data/json/decision_points/mission_impact_1_0_0.json
index 42221205..3ede44f1 100644
--- a/data/json/decision_points/mission_impact_1_0_0.json
+++ b/data/json/decision_points/mission_impact_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "MI",
   "name": "Mission Impact",
   "description": "Impact on Mission Essential Functions of the Organization",
diff --git a/data/json/decision_points/mission_impact_2_0_0.json b/data/json/decision_points/mission_impact_2_0_0.json
index a9378b8e..d1a578a3 100644
--- a/data/json/decision_points/mission_impact_2_0_0.json
+++ b/data/json/decision_points/mission_impact_2_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.0",
+  "schemaVersion": "1-0-1",
   "key": "MI",
   "name": "Mission Impact",
   "description": "Impact on Mission Essential Functions of the Organization",
diff --git a/data/json/decision_points/public_safety_impact_2_0_0.json b/data/json/decision_points/public_safety_impact_2_0_0.json
index f4890df9..4cf25b4f 100644
--- a/data/json/decision_points/public_safety_impact_2_0_0.json
+++ b/data/json/decision_points/public_safety_impact_2_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.0",
+  "schemaVersion": "1-0-1",
   "key": "PSI",
   "name": "Public Safety Impact",
   "description": "A coarse-grained representation of impact to public safety.",
diff --git a/data/json/decision_points/public_safety_impact_2_0_1.json b/data/json/decision_points/public_safety_impact_2_0_1.json
index 74693702..2f76bbff 100644
--- a/data/json/decision_points/public_safety_impact_2_0_1.json
+++ b/data/json/decision_points/public_safety_impact_2_0_1.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.1",
+  "schemaVersion": "1-0-1",
   "key": "PSI",
   "name": "Public Safety Impact",
   "description": "A coarse-grained representation of impact to public safety.",
diff --git a/data/json/decision_points/public_value_added_1_0_0.json b/data/json/decision_points/public_value_added_1_0_0.json
index 8345355c..772e5de0 100644
--- a/data/json/decision_points/public_value_added_1_0_0.json
+++ b/data/json/decision_points/public_value_added_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "PVA",
   "name": "Public Value Added",
   "description": "How much value would a publication from the coordinator benefit the broader community?",
diff --git a/data/json/decision_points/public_well-being_impact_1_0_0.json b/data/json/decision_points/public_well-being_impact_1_0_0.json
index 10d10d78..a963ea06 100644
--- a/data/json/decision_points/public_well-being_impact_1_0_0.json
+++ b/data/json/decision_points/public_well-being_impact_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "PWI",
   "name": "Public Well-Being Impact",
   "description": "A coarse-grained representation of impact to public well-being.",
diff --git a/data/json/decision_points/report_credibility_1_0_0.json b/data/json/decision_points/report_credibility_1_0_0.json
index b8dd759a..f9ff77f7 100644
--- a/data/json/decision_points/report_credibility_1_0_0.json
+++ b/data/json/decision_points/report_credibility_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "RC",
   "name": "Report Credibility",
   "description": "Is the report credible?",
diff --git a/data/json/decision_points/report_public_1_0_0.json b/data/json/decision_points/report_public_1_0_0.json
index 72babfcc..67151fd2 100644
--- a/data/json/decision_points/report_public_1_0_0.json
+++ b/data/json/decision_points/report_public_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "RP",
   "name": "Report Public",
   "description": "Is a viable report of the details of the vulnerability already publicly available?",
diff --git a/data/json/decision_points/safety_impact_1_0_0.json b/data/json/decision_points/safety_impact_1_0_0.json
index cdf74c68..e25fc5d3 100644
--- a/data/json/decision_points/safety_impact_1_0_0.json
+++ b/data/json/decision_points/safety_impact_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "SI",
   "name": "Safety Impact",
   "description": "The safety impact of the vulnerability.",
diff --git a/data/json/decision_points/safety_impact_2_0_0.json b/data/json/decision_points/safety_impact_2_0_0.json
index f62db6e7..0c78a0e6 100644
--- a/data/json/decision_points/safety_impact_2_0_0.json
+++ b/data/json/decision_points/safety_impact_2_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "2.0.0",
+  "schemaVersion": "1-0-1",
   "key": "SI",
   "name": "Safety Impact",
   "description": "The safety impact of the vulnerability. (based on IEC 61508)",
diff --git a/data/json/decision_points/supplier_cardinality_1_0_0.json b/data/json/decision_points/supplier_cardinality_1_0_0.json
index a41903bb..b4ad4c7c 100644
--- a/data/json/decision_points/supplier_cardinality_1_0_0.json
+++ b/data/json/decision_points/supplier_cardinality_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "SC",
   "name": "Supplier Cardinality",
   "description": "How many suppliers are responsible for the vulnerable component and its remediation or mitigation plan?",
diff --git a/data/json/decision_points/supplier_contacted_1_0_0.json b/data/json/decision_points/supplier_contacted_1_0_0.json
index 9cc7e6b7..8eaf7976 100644
--- a/data/json/decision_points/supplier_contacted_1_0_0.json
+++ b/data/json/decision_points/supplier_contacted_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "SC",
   "name": "Supplier Contacted",
   "description": "Has the reporter made a good-faith effort to contact the supplier of the vulnerable component using a quality contact method?",
diff --git a/data/json/decision_points/supplier_engagement_1_0_0.json b/data/json/decision_points/supplier_engagement_1_0_0.json
index df4df175..2f741598 100644
--- a/data/json/decision_points/supplier_engagement_1_0_0.json
+++ b/data/json/decision_points/supplier_engagement_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "SE",
   "name": "Supplier Engagement",
   "description": "Is the supplier responding to the reporter\u2019s contact effort and actively participating in the coordination effort?",
diff --git a/data/json/decision_points/supplier_involvement_1_0_0.json b/data/json/decision_points/supplier_involvement_1_0_0.json
index 6d20be11..e43b79c7 100644
--- a/data/json/decision_points/supplier_involvement_1_0_0.json
+++ b/data/json/decision_points/supplier_involvement_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "SI",
   "name": "Supplier Involvement",
   "description": "What is the state of the supplier\u2019s work on addressing the vulnerability?",
diff --git a/data/json/decision_points/system_exposure_1_0_0.json b/data/json/decision_points/system_exposure_1_0_0.json
index 42f1b5b8..5b77eb1b 100644
--- a/data/json/decision_points/system_exposure_1_0_0.json
+++ b/data/json/decision_points/system_exposure_1_0_0.json
@@ -1,8 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
-  "schemaVersion": "1-0-1",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "EXP",
   "name": "System Exposure",
   "description": "The Accessible Attack Surface of the Affected System or Service",
@@ -23,4 +22,4 @@
       "description": "Internet or another widely accessible network where access cannot plausibly be restricted or controlled (e.g., DNS servers, web servers, VOIP servers, email servers)"
     }
   ]
-}
+}
\ No newline at end of file
diff --git a/data/json/decision_points/system_exposure_1_0_1.json b/data/json/decision_points/system_exposure_1_0_1.json
index 9dcb0906..d2fca848 100644
--- a/data/json/decision_points/system_exposure_1_0_1.json
+++ b/data/json/decision_points/system_exposure_1_0_1.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.1",
+  "schemaVersion": "1-0-1",
   "key": "EXP",
   "name": "System Exposure",
   "description": "The Accessible Attack Surface of the Affected System or Service",
diff --git a/data/json/decision_points/technical_impact_1_0_0.json b/data/json/decision_points/technical_impact_1_0_0.json
index 4c0cc802..6b9c8676 100644
--- a/data/json/decision_points/technical_impact_1_0_0.json
+++ b/data/json/decision_points/technical_impact_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "TI",
   "name": "Technical Impact",
   "description": "The technical impact of the vulnerability.",
diff --git a/data/json/decision_points/utility_1_0_0.json b/data/json/decision_points/utility_1_0_0.json
index d34f975a..a54ebebd 100644
--- a/data/json/decision_points/utility_1_0_0.json
+++ b/data/json/decision_points/utility_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "U",
   "name": "Utility",
   "description": "The Usefulness of the Exploit to the Adversary",
diff --git a/data/json/decision_points/utility_1_0_1.json b/data/json/decision_points/utility_1_0_1.json
index 093eb8f7..53e39a8a 100644
--- a/data/json/decision_points/utility_1_0_1.json
+++ b/data/json/decision_points/utility_1_0_1.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.1",
+  "schemaVersion": "1-0-1",
   "key": "U",
   "name": "Utility",
   "description": "The Usefulness of the Exploit to the Adversary",
diff --git a/data/json/decision_points/value_density_1_0_0.json b/data/json/decision_points/value_density_1_0_0.json
index 902ec005..f0022b5e 100644
--- a/data/json/decision_points/value_density_1_0_0.json
+++ b/data/json/decision_points/value_density_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "VD",
   "name": "Value Density",
   "description": "The concentration of value in the target",
diff --git a/data/json/decision_points/virulence_1_0_0.json b/data/json/decision_points/virulence_1_0_0.json
index 973fc173..98eee786 100644
--- a/data/json/decision_points/virulence_1_0_0.json
+++ b/data/json/decision_points/virulence_1_0_0.json
@@ -1,7 +1,7 @@
 {
-  "schemaVersion": "1-0-1",
   "namespace": "ssvc",
   "version": "1.0.0",
+  "schemaVersion": "1-0-1",
   "key": "V",
   "name": "Virulence",
   "description": "The speed at which the vulnerability can be exploited.",

From ed13b11759d7fb3a10018bd9422b5bf50fb1b012 Mon Sep 17 00:00:00 2001
From: Vijay Sarvepalli <vssarvepalli@cert.org>
Date: Thu, 24 Oct 2024 11:56:13 -0400
Subject: [PATCH 4/6] Updated schema to remove #definitions for root element of
 the schema - supporting CVE Program

---
 ...on_Point_Value_Selection-1-0-1.schema.json | 67 +++++++++----------
 1 file changed, 32 insertions(+), 35 deletions(-)

diff --git a/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json b/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
index b15800d8..2c6660f2 100644
--- a/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
+++ b/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
@@ -1,6 +1,6 @@
 {
     "$schema": "http://json-schema.org/draft-07/schema#",
-    "$id": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json",
+    "$id": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point_Group_Selection-1-0-1.schema.json",
     "definitions": {
 	"id": {
             "type": "string",
@@ -62,40 +62,37 @@
 		"version"
 	    ],
 	    "additionalProperties": false
-	},
-	"SsvcdecisionpointgroupselectionSchema": {
-	    "properties": {
-		"id": {
-		    "$ref": "#/definitions/id"
-		},
-		"role": {
-		    "$ref": "#/definitions/role"
-		},
-		"schemaVersion": {
-		    "$ref": "#/definitions/schemaVersion"
-		},
-		"timestamp": {
-		    "$ref": "#/definitions/timestamp"
-		},
-		"selections": {
-		    "description" : "An array of Decision Points and their Values that were down-selected or evaluated ",
-		    "title": "selections",
-		    "type": "array",
-		    "minItems": 1,
-		    "items": {
-			"$ref": "#/definitions/SsvcdecisionpointselectionSchema"
-		    }
-		}
-	    },
-	    "type": "object",
-	    "required": [
-		"selections",
-		"id",
-		"timestamp",
-		"schemaVersion"
-	    ],
-	    "additionalProperties": false
 	}
     },
-    "$ref": "#/definitions/SsvcdecisionpointgroupselectionSchema"
+    "properties": {
+	"id": {
+	    "$ref": "#/definitions/id"
+	},
+	"role": {
+	    "$ref": "#/definitions/role"
+	},
+	"schemaVersion": {
+	    "$ref": "#/definitions/schemaVersion"
+	},
+	"timestamp": {
+	    "$ref": "#/definitions/timestamp"
+	},
+	"selections": {
+	    "description" : "An array of Decision Points and their Values that were down-selected or evaluated ",
+	    "title": "selections",
+	    "type": "array",
+	    "minItems": 1,
+	    "items": {
+		"$ref": "#/definitions/SsvcdecisionpointselectionSchema"
+	    }
+	}
+    }, 
+    "type": "object",
+    "required": [
+	"selections",
+	"id",
+	"timestamp",
+	"schemaVersion"
+    ],
+    "additionalProperties": false
 }

From 6031c9d6f3c1cf05a7c6f1100dadcc118cd95727 Mon Sep 17 00:00:00 2001
From: Vijay Sarvepalli <vssarvepalli@cert.org>
Date: Thu, 24 Oct 2024 12:18:27 -0400
Subject: [PATCH 5/6] Erorr in the ID field for
 Decision_Point_Value_Selection-1-0-1.schema.json

---
 data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json b/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
index 2c6660f2..1611f91f 100644
--- a/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
+++ b/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
@@ -1,6 +1,6 @@
 {
     "$schema": "http://json-schema.org/draft-07/schema#",
-    "$id": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point_Group_Selection-1-0-1.schema.json",
+    "$id": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json",
     "definitions": {
 	"id": {
             "type": "string",

From 1597892d354ca5b42f56643b26275d45eebb7d99 Mon Sep 17 00:00:00 2001
From: Vijay Sarvepalli <vssarvepalli@cert.org>
Date: Thu, 24 Oct 2024 12:24:09 -0400
Subject: [PATCH 6/6] Erorr in the ID field for
 Decision_Point_Value_Selection-1-0-1.schema.json

---
 data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json b/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
index 2c6660f2..1611f91f 100644
--- a/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
+++ b/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json
@@ -1,6 +1,6 @@
 {
     "$schema": "http://json-schema.org/draft-07/schema#",
-    "$id": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point_Group_Selection-1-0-1.schema.json",
+    "$id": "https://certcc.github.io/SSVC/data/schema/v1/Decision_Point_Value_Selection-1-0-1.schema.json",
     "definitions": {
 	"id": {
             "type": "string",