Skip to content

Commit

Permalink
Merge pull request #22 from RedHatProductSecurity/update-sec-data-url
Browse files Browse the repository at this point in the history
Update to new security data domain
  • Loading branch information
mprpic authored Aug 29, 2024
2 parents 71fb100 + b9a21e1 commit 03bfce1
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions docs/purl.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ different contexts and ecosystems.

Red Hat uses purl to identify software components in our
[CSAF](https://www.redhat.com/en/blog/csaf-vex-documents-now-generally-available) advisory and
[VEX](https://www.redhat.com/en/blog/vulnerability-exploitability-exchange-vex-beta-files-now-available) files as
[VEX](https://www.redhat.com/en/blog/red-hat-vex-files-cves-are-now-generally-available) files as
well as our
[SBOM](https://www.redhat.com/en/blog/future-red-hat-security-data?channel=/en/blog/channel/security) files. We will
continue expanding our use of purl across additional security-related metadata files and software solutions in the
Expand Down Expand Up @@ -71,7 +71,7 @@ The repository ID is a unique value that identifies an RPM repository from where
ID of the repository is the same and the other attributes of the RPM match, such packages even though sourced from
varying URLs can be considered the same for the purposes of simple identification. Given a repository ID, you can
resolve it to a URL using your chosen base URL and a relative path of that repository that exists in the
[repository-to-cpe.json mapping file](https://access.redhat.com/security/data/meta/v1/repository-to-cpe.json). This
[repository-to-cpe.json mapping file](https://security.access.redhat.com/data/meta/v1/repository-to-cpe.json). This
file maps repository IDs to both relative URL paths and CPE IDs that represent product versions in all of Red Hat's
security data files.

Expand Down

0 comments on commit 03bfce1

Please sign in to comment.