mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-22 16:40:48 +00:00
Update PULL-EXAMPLE.md
Fixing line length issues, header issue
This commit is contained in:
parent
78c3551305
commit
58e0e69c12
1 changed files with 31 additions and 8 deletions
|
@ -1,14 +1,25 @@
|
||||||
|
# Pull Request Example #
|
||||||
|
|
||||||
Thank you for contributing to CISA's Log4j-affected-db GitHub Repository! Please follow the steps listed below in order to add a product to the public repository. **Note:** To assure the accuracy of data please only include products that have official advisories or alerts that verify the product's vulnerabilty status to [CVE-2021-4104](https://nvd.nist.gov/vuln/detail/cve-2021-4104), [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228), [CVE-2021-45046](https://nvd.nist.gov/vuln/detail/CVE-2021-45046), and/or [CVE-2021-45105.](https://nvd.nist.gov/vuln/detail/CVE-2021-45105?s=09).
|
Thank you for contributing to CISA's Log4j-affected-db GitHub Repository! Please
|
||||||
|
follow the steps listed below in order to add a product to the public
|
||||||
|
repository. **Note:** To assure the accuracy of data please only include
|
||||||
|
products that have official advisories or alerts that verify the product's
|
||||||
|
vulnerability status to [CVE-2021-4104](https://nvd.nist.gov/vuln/detail/cve-2021-4104), [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228), [CVE-2021-45046](https://nvd.nist.gov/vuln/detail/CVE-2021-45046),
|
||||||
|
and/or [CVE-2021-45105.](https://nvd.nist.gov/vuln/detail/CVE-2021-45105?s=09).
|
||||||
|
|
||||||
**Step 1:** Go to the cisagov data .yml files and choose the appropriate file to include your updates (example link). The files are separated alphabetically based on the first letter of the vendor name. For example, 'CISA' would be located in [`cisagov_C.yml`](https://github.com/cisagov/data/cisagov_C.yml).
|
**Step 1:** Go to the cisagov data .yml files and choose the appropriate file to
|
||||||
|
include your updates (example link). The files are separated alphabetically
|
||||||
|
based on the first letter of the vendor name. For example, 'CISA' would be
|
||||||
|
located in [`cisagov_C.yml`](https://github.com/cisagov/data/cisagov_C.yml).
|
||||||
|
|
||||||
**Step 2:** Click the file edit button.
|
**Step 2:** Click the file edit button.
|
||||||
|
|
||||||
**Step 3:** Add the blank template to the **.yml** file for new entries and fill it out with the correct data.
|
**Step 3:** Add the blank template to the **.yml** file for new entries and fill
|
||||||
|
it out with the correct data.
|
||||||
|
|
||||||
Blank template:
|
Blank template:
|
||||||
```
|
```
|
||||||
|
|
||||||
- vendor: ''
|
- vendor: ''
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
@ -39,16 +50,26 @@ Blank template:
|
||||||
- ''
|
- ''
|
||||||
last_updated: ''
|
last_updated: ''
|
||||||
```
|
```
|
||||||
**Step 3:** Verify the new entry was entered before and/or after the prior and next entries.
|
|
||||||
|
|
||||||
- If you are adding it to the beginning of the file, ensure you are pasting it after `software:` and before the next entry starting with `- vendor:`.
|
**Step 3:** Verify the new entry was entered before and/or after the prior and
|
||||||
- If you are adding it to the end of the file, ensure the entry ends before the file is closed out with `...`.
|
next entries.
|
||||||
|
|
||||||
**Step 4:** When you add content to the file, remove the `''` or `[]` for fields which are replaced with values (strings `''` or lists `[]` should be replaced as shown in the example below, with list values on the following line(s) starting with hyphen(s) `-`). The symbols should only remain used when fields remain empty. For example, `fixed_versions: []` in our example below remains as is, given there are no patched versions available for this entry.
|
- If you are adding it to the beginning of the file, ensure you are pasting
|
||||||
|
it after `software:` and before the next entry starting with `- vendor:`.
|
||||||
|
- If you are adding it to the end of the file, ensure the entry ends before
|
||||||
|
the file is closed out with `...`.
|
||||||
|
|
||||||
|
**Step 4:** When you add content to the file, remove the `''` or `[]` for fields
|
||||||
|
which are replaced with values (strings `''` or lists `[]` should be replaced as
|
||||||
|
shown in the example below, with list values on the following line(s) starting
|
||||||
|
with hyphen(s) `-`). The symbols should only remain used when fields remain
|
||||||
|
empty. For example, `fixed_versions: []` in our example below remains as is,
|
||||||
|
given there are no patched versions available for this entry.
|
||||||
|
|
||||||
**Note:** not all fields have to be updated.
|
**Note:** not all fields have to be updated.
|
||||||
|
|
||||||
Entry example:
|
Entry example:
|
||||||
|
|
||||||
```
|
```
|
||||||
- vendor: CISA
|
- vendor: CISA
|
||||||
product: Product
|
product: Product
|
||||||
|
@ -84,6 +105,8 @@ Entry example:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-14T00:00:00'
|
last_updated: '2021-12-14T00:00:00'
|
||||||
```
|
```
|
||||||
**Step 5:** Validate that your data follows the appropriate format and proceed with submitting the pull request.
|
|
||||||
|
**Step 5:** Validate that your data follows the appropriate format and proceed
|
||||||
|
with submitting the pull request.
|
||||||
|
|
||||||
For any additional questions feel free to [submit an Issue request](https://github.com/cisagov/log4j-affected-db/issues).
|
For any additional questions feel free to [submit an Issue request](https://github.com/cisagov/log4j-affected-db/issues).
|
||||||
|
|
Loading…
Reference in a new issue