#security #advisory #vulnerability


An implementation of the Common Security Advisory Framework (CSAF)

3 releases

0.3.2 Nov 10, 2021
0.3.1 Oct 10, 2021
0.3.0 Oct 10, 2021

#4 in #advisory

MIT license

771 lines

Common Security Advisory Framework (CSAF)

A lovingly hand-crafted1 implementation of CSAF for Rust. Currently, based on the v2.0 editor draft. Should be considered strictly less-strict than the spec right now - valid CSAF should deserialize successfully, but invalid CSAF may also succeed and the library may generate invalid CSAF.

My current use case is for experimenting with the VEX profile.

1 - CSAF defines a JSON Schema schema using Draft 2020-12. schemafy exists for generating Rust code from JSON Schema, but supports an older draft which differs significantly from the 2020-12 draft.


~327K SLoC