mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-23 00:50:48 +00:00
Update PULL-EXAMPLE.MD
This commit is contained in:
parent
39c954b71f
commit
fb0a644f0b
1 changed files with 11 additions and 11 deletions
|
@ -1,13 +1,13 @@
|
||||||
Thank you for contributing to our Log4j-affected-db GitHub Repository! Please follow the steps listed below:
|
Thank you for contributing to our Log4j-affected-db GitHub Repository! Please follow the steps listed below:
|
||||||
|
|
||||||
Step 1: Go to the cisagov data .yml files for choosing the appropriate file to include your updates (example link). The files are separated based on the first letter. For example, 'CISA' would be located in .../cisagov_C.yml
|
**Step 1:** Go to the cisagov data .yml files for choosing the appropriate file to include your updates (example link). The files are separated based on the alphabetical first letter of the vendor name. For example, 'CISA' would be located in .../cisagov_C.yml
|
||||||
|
|
||||||
Step 2: Click the file edit button.
|
**Step 2:** Click the file edit button.
|
||||||
|
|
||||||
Step 3: Add the blank template to the .yml file for new entries and fill it out with the correct data. Note: this template now contains multiple CVEs because we will be expecting this data from the Dutch entries. The multiple CVEs will not be listed in the table per the current request, instead the logic will determine and present a single status based on the available data in the template.
|
**Step 3:** Add the blank template to the **.yml** file for new entries and fill it out with the correct data. Note: we are tracking multiple CVEs on the backend but are currently only displaying all the CVE-2021-44228. The multiple CVEs will not be listed in the table per the current request, instead the logic will determine and present a single status based on the available data in the template.
|
||||||
|
|
||||||
Blank template:
|
Blank template:
|
||||||
'''
|
```
|
||||||
- vendor: ''
|
- vendor: ''
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
@ -38,19 +38,19 @@ Blank template:
|
||||||
- ''
|
- ''
|
||||||
reporter: cisagov
|
reporter: cisagov
|
||||||
last_updated: ''
|
last_updated: ''
|
||||||
'''
|
```
|
||||||
Step 3: Verify the new entry was entered before and/or after the prior and next entries.
|
**Step 3:** Verify the new entry was entered before and/or after the prior and next entries.
|
||||||
● If you are adding it to the beginning of the file, ensure you are pasting it after “software:” and before the next entry starting with “- vendor:”.
|
● If you are adding it to the beginning of the file, ensure you are pasting it after “software:” and before the next entry starting with “- vendor:”.
|
||||||
● If you are adding it to the end of the file, ensure the entry ends before the file is closed out with: “...”
|
● If you are adding it to the end of the file, ensure the entry ends before the file is closed out with: “...”
|
||||||
|
|
||||||
Step 4: When you add content to the file, remove the '' or [] for fields which are replaced with values (strings '' or lists [] should be replaced as shown in the example below, with list values on the following line(s), starting with hyphen(s) “-”). The symbols should only remain used when fields remain empty. For example, fixed_versions: [] in our example below remains as is, given there are no patched versions available for this entry.
|
**Step 4:** When you add content to the file, remove the '' or [] for fields which are replaced with values (strings '' or lists [] should be replaced as shown in the example below, with list values on the following line(s), starting with hyphen(s) “-”). The symbols should only remain used when fields remain empty. For example, fixed_versions: [] in our example below remains as is, given there are no patched versions available for this entry.
|
||||||
|
|
||||||
Note: not all fields have to be updated.
|
Note: not all fields have to be updated.
|
||||||
|
|
||||||
Entry example:
|
Entry example:
|
||||||
'''
|
```
|
||||||
- vendor: ExtraHop
|
- vendor: CISA
|
||||||
product: Reveal(x)
|
product: Chirp
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -83,7 +83,7 @@ Entry example:
|
||||||
- ''
|
- ''
|
||||||
reporter: cisagov
|
reporter: cisagov
|
||||||
last_updated: '2021-12-14T00:00:00'
|
last_updated: '2021-12-14T00:00:00'
|
||||||
'''
|
```
|
||||||
Step 5: validate your data follows the appropriate format and proceed with submitting the pull request. Follow questions may be submitted through the Pull Request.
|
Step 5: validate your data follows the appropriate format and proceed with submitting the pull request. Follow questions may be submitted through the Pull Request.
|
||||||
|
|
||||||
For any additional questions feel free to submit a Issue request [here](https://github.com/cisagov/log4j-affected-db/issues)
|
For any additional questions feel free to submit a Issue request [here](https://github.com/cisagov/log4j-affected-db/issues)
|
||||||
|
|
Loading…
Reference in a new issue