-
Notifications
You must be signed in to change notification settings - Fork 85
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Make Purpose section more concise. We don't need a history lesson here anymore :) - Remove old changelogs. - Alphabetically sort databases and ecosystems. - Add some missing databases (Curl, NVD). --------- Signed-off-by: Oliver Chang <ochang@google.com> Signed-off-by: Oliver Chang <oliverchang@users.noreply.github.com>
- Loading branch information
1 parent
37d7002
commit 9235ab5
Showing
3 changed files
with
157 additions
and
342 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
# Change Log | ||
|
||
- 2021-03-29 added "withdrawn" field | ||
- 2021-04-07 changed "details" to Markdown, change "references" to a list of | ||
objects with a new "type" field in addition to the URL. | ||
- 2021-04-23 handful of changes, see Status - 2021-04-23 below for details. Corrected examples. | ||
- 2021-04-26 changed `database-specific` and `ecosystem-specific` to | ||
`database_specific` and `ecosystem_specific` for easier access from languages | ||
that access JSON field keys using x.field notation. | ||
- 2021-06-08 Added "purl" to the "package" field and some minor clarifications. | ||
- 2021-06-30 Fixed an incorrect/typoed specification for "affects" from an array | ||
of objects to an object. | ||
- 2021-08-17 Support multiple packages per entry by moving `packages`, | ||
`ecosystem_specific` and `database_specific` into `affected`. The `affected` | ||
field is intentionally named differently to the previous `affects` field to | ||
make migration easier. Also use "events" containing single versions to | ||
represent affected version ranges instead. | ||
- 2021-09-08 Promoted schema to 1.0. | ||
- 2022-01-19 Released version 1.2.0. Includes various changes suggested by | ||
GitHub (`schema_version`, top-level `database_specific`, `credits`, | ||
`severity`, relaxation of version enumeration requirement). | ||
- 2022-03-24 Released version 1.3.0. Added `last_affected` event type and | ||
`database_specific` to `affected[].ranges[]`. | ||
Context: https://github.com/ossf/osv-schema/issues/35. | ||
- 2023-02-21 Released version 1.4.0. Added per package `severity` and | ||
credit types. | ||
- 2023-04-26 Released version 1.5.0. Added new reference types. | ||
- 2023-08-11 Released version 1.6.0. Several new databases and clarified | ||
definitions of `aliases` and `related`. | ||
- 2023-11-29 Released version 1.6.1. Some cleanup of the schema layout. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.