Resolve TT-CONSTRUCTION feedback

.dotstop.dot

@@ -57,6 +57,7 @@ digraph G {
 "JLS-25" [sha="8bb517191450f370679dbafd85342e1bbcf797cc84f2a6f1fc119568b534d5e0"];
 "JLS-26" [sha=cf1b73b375697ee56d9788aab79ed01b2730b126a2cc4d7041c9525113e7ed7c];
 "JLS-27" [sha="efd4b438331c155eebaec96cd1eda337567794f8696b327562aaaed5fa8ded69"];
+"JLS-38" [sha="a7ab6cc546e4c9c02c6dc479b8fff29ef6f5be5459185daac4ad1117b2845115"];
 "NJF-01" [sha="548dc86014e093974f68660942daa231271496a471885bbed092a375b3079bd8"];
 "NJF-02" [sha="6ea015646d696e3f014390ff41612eab66ac940f20cf27ce933cbadf8482d526"];
 "NJF-03" [sha="4bd1f8210b7bba9a248055a437f377d9da0b7576c5e3ed053606cf8b5b2febe3"];
@@ -395,11 +396,13 @@ digraph G {
 "TA-RELEASES" -> "JLS-14" [sha="1202b9934353436fba927de6762cf62a8fc23ab0815a3c06f9d0a77b55830720"];
 "TA-RELEASES" -> "JLS-21" [sha="5d57d2b547a841bb31f29034b785d9bec1ffb0e495d80e0e356a54391aa22e1b"];
 "TA-RELEASES" -> "AOU-08" [sha="553e265d835b353b298ce4adf3bdf0b81ff777e38bfa3e42f2a465f33e27644e"];
+"TA-RELEASES" -> "JLS-38" [sha="3b8628c82bf2e6f1a83e44a9dd9479c79593d5d15a85f85e9b81fe1f9be9bd74"];
 "TA-SUPPLY_CHAIN" -> "AOU-02" [sha=cde3adf7a14be6786f9ec48a32f619426ce78727ae0dca48e1064cb5625abbf3];
 "TA-SUPPLY_CHAIN" -> "AOU-03" [sha="2c4b421554b95a604a631d77b854839468f09da2b71a5960e4773f626e8c8a32"];
 "TA-SUPPLY_CHAIN" -> "JLS-23" [sha=fe2b810e22c4da9911266183bc8679a56d8dd2d5a76624cd1f3ee329d9b93a08];
 "TA-TESTS" -> "JLS-16" [sha=a4143b13d9ae2553534457603bdca9beb6cca0ee5b8b9bae50cefa97d2519702];
 "TA-TESTS" -> "AOU-15" [sha=d4fef1c406b26cb7a3b303632f882c982bfedab6c18f4aca38be576219587011];
+"TA-TESTS" -> "JLS-02" [sha="5417ec4f7f55a13a19b801871168b5165f44d46853df2b4a199035db4f54038a"];
 "TA-UPDATES" -> "JLS-06" [sha="7386ba4dfdca14a2b0c73b6b759ddeee66e0196f164322d552c2867e5c7a4b96"];
 "TA-UPDATES" -> "JLS-07" [sha="9256bec79e828b44dd12d4298483bbab7ab24a1eb542c133ee5392ee5829cb7f"];
 "TA-UPDATES" -> "JLS-12" [sha="45b7cf8eebee7a35ba39b3f990cefe3cbfd79c5f74415c5321026d64d89f5703"];

TSF/trustable/statements/JLS-02.md

@@ -23,4 +23,4 @@ score:
     Erikhu1: 1.0
 ---
 
-Fuzz testing is used in the original nlohmann/json repository (https://github.com/nlohmann/json) to uncover edge cases and failure modes throughout development. (https://github.com/nlohmann/json/blob/develop/tests/fuzzing.md)
+Fuzz testing is used in the nlohmann/json repository to uncover edge cases and failure modes throughout development.

TSF/trustable/statements/JLS-10.md

@@ -1,6 +1,14 @@
 ---
 level: 1.1
 normative: true
+references:
+references:
+        - type: website
+          url: "https://github.com/nlohmann/json/releases"
+          description: "List of nlohmann/json releases consisting of source code, build instructions, test code and test result summaries."
+
 ---
 
-Every release includes source code, build instructions, tests and attestations. (TODO: Test result summary)
+Every release of the nlohmann/json library includes source code, build instructions, test code, test results summaries and attestations.
+
+NOTE: Currently, I cannot find any attestations for nlohmann/json.

TSF/trustable/statements/JLS-16.md

@@ -3,14 +3,22 @@ references:
     - type: verbose_file
       path: "./TSF/docs/list_of_test_environments.md"
       comment: "The list of all test-cases together with their execution environments"
+    - type: website
+      url: "https://github.com/score-json/json/actions"
+      description: "Github actions page showing that score-json is using Github host environment."
 evidence:
     type: check_list_of_tests
     configuration: 
         sources:
             - "./tests/src"
             - "./TSF/tests"
+    type: https_response_time
+    configuration:
+        target: 2.0
+        urls:
+            - https://github.com/score-json/json/actions
 level: 1.1
 normative: true
 ---
 
-A list of tests, which is extracted from the test execution, is provided, along with a list of test environments.
+A list of tests, which is extracted from the test execution, is provided, along with a list of test environments, a list of fault induction tests and test construction configurations and results.

TSF/trustable/statements/JLS-38.md

@@ -0,0 +1,20 @@
+---
+level: 1.1
+normative: true
+references:
+        - type: website
+          url: "https://json.nlohmann.me/integration/cmake/"
+          description: "cmake build management documentation for nlohmann/json"
+        - type: website
+          url: "https://json.nlohmann.me/integration/package_managers/"
+          description: "package manager documentation for nlohmann/json"
+evidence:
+        type: https_response_time
+        configuration:
+                target_seconds: 2
+                urls:
+                    - "https://json.nlohmann.me/integration/cmake/"
+                    - "https://json.nlohmann.me/integration/package_managers/"
+---
+
+Every release of the nlohmann/json library shall provide configuration management for build instructions and infrastructure.