Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Standardize artifact information #3

Open
shubhobm opened this issue Jul 3, 2023 · 1 comment
Open

Standardize artifact information #3

shubhobm opened this issue Jul 3, 2023 · 1 comment
Labels
enhancement New feature or request

Comments

@shubhobm
Copy link
Contributor

shubhobm commented Jul 3, 2023
edited
Loading

Standardize information on artifacts, specifically the affects field.

  • Propose an equivalent of the CPE naming scheme
  • This will be adaptable to standardize the naming of arbitrary entities and usage in and outside the context of AVID
  • Can potentially connect to other db's e.g. AIID, the proposed list of govt databases
@shubhobm shubhobm added the enhancement New feature or request label Jul 3, 2023
@shubhobm
Copy link
Contributor Author

From @zoezoezoe's comment in slack:

i was a little confused why affects in the Report/Vuln schema wasn't effects but now i am realizing that the field affects is probably being used as a verb... that also bugs me because everything else in the object is a noun....
i am also realizing this term is also being used in variety of ways in the CVE schemas, including v4 having a field affects and v5 examples having a field affected
i want to propose renaming it to affected standing for the artifacts that have been affected, which is less confusing imo. what do people think?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shubhobm