Create JSON 5.0 Lint Tool #9
Labels
community development
This label represents ideas that are being developed/led by community members.
Comments
|
A prototype CVE Program JSON 5.0 Lint Tool is available at https://github.com/mprpic/cvelint. |
rbrittonMitre
moved this from Submitted
to Approved (not prioritized)
in CVE Program Idea/Feature Tracker
rbrittonMitre
moved this from Approved (not prioritized)
to In Progress
in CVE Program Idea/Feature Tracker
rbrittonMitre
added
the
community development
|
Is there further action to take here? Will the CVE Program develop a lint tool? Will we ask the community for more? I've used |
|
@jgamblin noted at today's AWG meeting that some folks were exploring ideas around linting/enhancing CVE records using an LLM. Jerry, got any details on this, or someone else who can provide them? |
|
I am tracking this down and will try to get more information posted here soon. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Proposed New Idea/Feature
Usually, CVEs are confidential up to the time they are published "live" and instantiated in the CVE Corpus. If CNAs have incorporated the call to RSUS in their publishing tool, any JSON5 errors are flagged at the time of publication and then they have to be fixed and republished. This can add stress to an already stressful situation. It would be great to have a command line tool that would read the CVEs and flag any JSON5 errors external to the call to RSUS so that any inconsistencies can be addressed prior to the publication.
Such a tool would benefit many CNAs as it would allow them to identify JSON 5.0 errors prior to submitting them to RSUS saving them the time of having to attempt to publish only to fail because of a JSON syntax error.
The text was updated successfully, but these errors were encountered: