Comments (7)
kurtseifried
commented on June 25, 2024
schema.gsd.id/DOMAIN/SCHEMA-NAME.json (latest) or SCHEMA-NAME-1.2.3.json correct?
so e.g. schema.gsd.id/osv.dev/osv-1.5.0.json or schema.gsd.id/gsd.id/osv-gsd-1.0.0.json
from gsd-tools.
joshbuker
commented on June 25, 2024
I would be tempted to do a slightly different encoding, but that works, yes.
Alternative idea: https://schema.gsd.id/DOMAIN/SCHEMA-NAME/version
e.g.
https://schema.gsd.id/osv.dev/osv/latest
https://schema.gsd.id/osv.dev/osv/1.5.0
https://schema.gsd.id/gsd.id/osv-gsd/1.0.0
from gsd-tools.
kurtseifried
commented on June 25, 2024
I think your way is better. So I'll do that. Also for content type we'll use: application/schema+json as per the draft spec:
https://json-schema.org/draft/2019-09/json-schema-core.html
from gsd-tools.
kurtseifried
commented on June 25, 2024
Oh I remember why I wanted to do it my way, it can just be files in a directory attached to cloudflare pages.
from gsd-tools.
joshbuker
commented on June 25, 2024
Per slack discussion, could also do:
https://schema.gsd.id/osv.dev/osv/latest/schema.json
https://schema.gsd.id/osv.dev/osv/1.5.0/schema.json
https://schema.gsd.id/gsd.id/osv-gsd/1.0.0/schema.json
And do a direct file mapping.
from gsd-tools.
kurtseifried
commented on June 25, 2024
Ok as per discussion we went with human firendly and machine friendly layout:
For humans we have the files with the version number embedded, e.g.: gsd.id/osv-gsd/schema-osv-gsd-1.0.1.json
For computers we have the files in directories with the version number, e.g.: gsd.id/osv-gsd/1.0.1/schema.json
The latest version of the schema is in the root directory and called schema.json, e.g.: gsd.id/osv-gsd/schema.json
from gsd-tools.
kurtseifried
commented on June 25, 2024
also I'm using cloudflare pages which serves the json as "application/json" (and doesn't seem to lead _headers rewrite it), to get the proper "application/schema+json" we'll need to use a cloudflare worker or something that allows control of the header. That's a future problem/
from gsd-tools.
Related Issues (20)
- Reach out to Ruby Advisory Database community about participation with GSD
- API Endpoint to request/reserve a GSD ID HOT 1
- Update gsd-web to use jsonschema validator HOT 2
- Update gsd-schema with kurtseifried/gsd-schema changes
- Link in https://github.com/cloudsecurityalliance/gsd-tools/blob/main/securitylist/README.md goes to 404 HOT 1
- Fix GSD Bot creating multiple affected packages instead of using multiple ranges
- Update GSD Bot to use INTRODUCED/FIX for reference types HOT 2
- Add tooltips for data.gsd.id add reference type
- Add text box for commit message when editing on data.gsd.id
- Update GSD Web to update modified at when changing a GSD
- Update Edit Button to support all OSV fields HOT 3
- GSD data normalization and format cross-compatibility/conversion
- Vulnerability Data Source Landscape HOT 1
- Update data.gsd.id show page to include all OSV values
- Create an OpenAPI v3.1 Spec for GSD API
- Create Python Interface for GSD HOT 1
- @dawiddczarnecki - counting CVE HOT 1
- Update NVD automation to use the V2 api HOT 1
- Where do kernel vulnerabilities come from ? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gsd-tools.