Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve the generated template README #224

Merged
merged 1 commit into from
Jul 16, 2024
Merged

Improve the generated template README #224

merged 1 commit into from
Jul 16, 2024

Conversation

macedogm
Copy link
Contributor

@macedogm macedogm commented Jul 11, 2024
edited
Loading

Small suggestion to improve the generated template README with:

  1. Update the example command.
  2. The status referenced fixed, but the text under investigation.
  3. Some formatting improvements.
  4. Typo fixes.

Before

image

After

image

cpanato
cpanato approved these changes Jul 12, 2024
View reviewed changes
Copy link
Member

@cpanato cpanato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

thanks

cpanato
cpanato requested changes Jul 12, 2024
View reviewed changes
pkg/ctl/implementation.go
@@ -47,21 +47,22 @@ const (
"`vexctl generate` when generating VEX data for a release or\n" +
"a specific artifact.\n\n" +
"To add new statements to publish data about a vulnerability,\n" +
"download [vexctl](https://github.com/openvex/vexctl)\n" +
"and append new statements using `vexctl add`. For example:\n\n" +
"download [vexctl] and append new statements using\n" +
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah sorry

i think you can keep the link

Suggested change
"download [vexctl] and append new statements using\n" +
"download [vexctl](https://github.com/openvex/vexctl) and append new statements using\n" +

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The auto generated template will be like this, because it uses the shortcut reference link.

OpenVEX Templates Directory

This directory contains the OpenVEX data for this repository.
The files stored in this directory are used as templates by
vexctl generate when generating VEX data for a release or
a specific artifact.

To add new statements to publish data about a vulnerability,
download vexctl and append new statements using
vexctl add. For example:

vexctl add --in-place main.openvex.json --product pkg:oci/test --vuln CVE-2014-1234567 --status under_investigation

That will add a new VEX statement expressing that the impact of
CVE-2014-1234567 is under investigation in the test image. When
cutting a new release, for pkg:oci/test the new file can be
incorporated to the release's VEX data.

Read more about OpenVEX

To know more about generating, publishing and using VEX data
in your project, please check out the vexctl repository and
documentation.

OpenVEX also has an examples repository with samples and docs.

We use the same shortcut in both references to vexctl, because the original target link is the same.

image

@macedogm macedogm requested a review from cpanato July 12, 2024 20:53
@cpanato
Copy link
Member

cpanato commented Jul 16, 2024

thanks

@cpanato cpanato merged commit 56ed566 into openvex:main Jul 16, 2024
10 checks passed
@macedogm macedogm deleted the template-fix branch July 16, 2024 09:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@puerco puerco puerco approved these changes

@cpanato cpanato cpanato approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@macedogm @cpanato @puerco