Closed raboof closed 3 months ago
@raboof What would you expect the output to be instead of the current backend error message? Note that this condition is mentioned in cve reject -h
:
...A published CVE can only be rejected with an accompanying record...
I would almost argue that the error message from CVE Services should simply be improved to note that a published CVE record can only be rejected by providing a reject record since Instead, it changes according to the record.
sounds a bit ambiguous.
@raboof What would you expect the output to be instead of the current backend error message? Note that this condition is mentioned in
cve reject -h
:...A published CVE can only be rejected with an accompanying record...
Ah, that documentation is indeed pretty great, but I totally missed it ;).
I would almost argue that the error message from CVE Services should simply be improved to note that a published CVE record can only be rejected by providing a reject record since
Instead, it changes according to the record.
sounds a bit ambiguous.
As a data point, what I did after encountering this error was:
cve publish
(IIRC got a hard-to-read schema validation error)cve reject -f
Perhaps it would be neat to end the error reporting with a generic "See cve <command> -h
", like #85?
Currently,
It might be nice to recognize this error and instruct the user to use
cve reject CVE-2024-31861 -f rejection-body.json