It was tested several times on the full set of 180,000+ CVE to ensure that no data is lost. Deployment is now undergoing, see CVE Board Meeting Notes from October the 12th. Note that as of today "the JSON 4.0 format will continue to be supported for the foreseeable future. [...] the phase-out of JSON 4 support is to be determined and is a Board decision". So nothing should be broken in vuls.io / go-cve-dictionary, and no hurry.
Though, as deployment progresses and CNA will use this v5.0 schema more and more for new CVE, go-cve-dictionary may miss the new bits of information added. It would be nice to support, or plan support for this.
After 2 years of effort, MITRE published CVE JSON schema v5.0: https://github.com/CVEProject/cve-schema/releases/tag/v5.0.0
It was tested several times on the full set of 180,000+ CVE to ensure that no data is lost. Deployment is now undergoing, see CVE Board Meeting Notes from October the 12th. Note that as of today "the JSON 4.0 format will continue to be supported for the foreseeable future. [...] the phase-out of JSON 4 support is to be determined and is a Board decision". So nothing should be broken in vuls.io / go-cve-dictionary, and no hurry.
Though, as deployment progresses and CNA will use this v5.0 schema more and more for new CVE, go-cve-dictionary may miss the new bits of information added. It would be nice to support, or plan support for this.