search

oasis-tcs / csaf

OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secondary artifacts like meeting minutes and productivity code
https://github.com/oasis-tcs/csaf
Other
152 stars 40 forks source link

Offer multiple documents of one advisory #715

Open cintek opened 8 months ago

cintek commented 8 months ago

ISDUBA is a repo where we implement an application which allows users to compare different CSAF documents. Especially the case where users can compare different documents of the same advisory is interesting because you can see how an advisory developed between different versions. To be able to test such a case it would be great to have such an example available in the csaf repo.

One example for such an advisory would be the one with the tracking ID WID-SEC-W-2023-2649 from the BSI. Here are two documents of that advisory: wid-sec-w-2023-2649_2023.json wid-sec-w-2023-2649_2024.json

You would have to cut off the _2023 or _2024 in the file name and then you could place the files here: csaf_2.1/examples/csaf/multiple_versions/2023/wid-sec-w-2023-2649.json csaf_2.1/examples/csaf/multiple_versions/2024/wid-sec-w-2023-2649.json

tschmidtb51 commented 3 months ago

I'll label it with examples. To reduce the complexity during writing the standard, we will look into that as soon as most changes have be made.