sigs.k8s.io/kueue@v0.6.2/.openvex/templates/README.md

sigs.k8s.io/kueue@v0.6.2/.openvex/templates/README.md (about)

     1  # OpenVEX Templates Directory
     2  
     3  This directory contains the OpenVEX data for this repository.
     4  The files stored in this directory are used as templates by
     5  `vexctl generate` when generating VEX data for a release or 
     6  a specific artifact.
     7  
     8  To add new statements to publish data about a vulnerability,
     9  download [vexctl](https://github.com/openvex/vexctl)
    10  and append new statements using `vexctl add`. For example:
    11  ```
    12  vexctl add --in-place main.openvex.json pkg:oci/test CVE-2014-1234567 fixed
    13  ```
    14  That will add a new VEX statement expressing that the impact of
    15  CVE-2014-1234567 is under investigation in the test image. When
    16  cutting a new release, for `pkg:oci/test` the new file will be
    17  incorporated to the relase's VEX data.
    18  
    19  ## Read more about OpenVEX
    20  
    21  To know more about generating, publishing and using VEX data
    22  in your project, please check out the vexctl repository and
    23  documentation: https://github.com/openvex/vexctl
    24  
    25  OpenVEX also has an examples repository with samples and docs:
    26  https://github.com/openvex/examples
    27