in reply to daniel:// stenberg://

mastodon - Link to source

chrysn

Nice, it's a documented exchange format <ossf.github.io/osv-schema/>. As I was looking into how to document @RIOT_OS vulnerabilities earlier and was a bit taken aback by the complexity of CSAF <github.com/oasis-tcs/csaf>, this looks like a good alternative.

GitHub - oasis-tcs/csaf: OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secondary artifacts like meeting minutes and productivity code

OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secondary artifacts like meeting minutes and productivity code - ...
GitHub
@RIOT