container examples incorrectly include providerMetadata #312
Labels
bug
Something isn't working
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
cve-schema/schema/docs/cnaContainer-basic-example.json
Lines 3 to 5 in e23bb9e
cve-schema/schema/docs/cnaContainer-rejected-example.json
Lines 3 to 6 in e23bb9e
cve-schema/schema/docs/cnaContainer-advanced-example.json
Lines 3 to 5 in e23bb9e
The providerMetadata property should be deleted from these files because it is not needed when using CVE Services, and introduces a support cost because users do not immediately know whether to send the specific value of
00000000-0000-4000-9000-000000000000or the UUID of their organization (or either or neither), and thus sometimes ask the CVE program for additional help.Similarly, examples should not be inconsistent (
shortNameabove is only in the rejected example, not in the other two).As shown at https://cveawg.mitre.org/api-docs/#/CVE%20Record/cveCnaCreateSingle
The same note also occurs at https://cveawg.mitre.org/api-docs/#/CVE%20Record/cveCnaUpdateSingle and https://cveawg.mitre.org/api-docs/#/CVE%20Record/cveCnaCreateReject and https://cveawg.mitre.org/api-docs/#/CVE%20Record/cveCnaUpdateReject as well.
With this change, CNAs who study the examples will be ready to submit CVE Records as soon as they are able to compose and send a container. They will not need to guess that the
00000000-0000-4000-9000-000000000000value is fine, will not need to make other API calls to look up their organization's UUID, and will not need to think about whether it is appropriate to send data that is documented aswill be overwritten.The text was updated successfully, but these errors were encountered: