Skip to content

Draft issue: Additional information needed for create_advisory.sh generated advisories #243

New issue
New issue
Open
Open
Draft issue: Additional information needed for create_advisory.sh generated advisories#243
@JevgenijsCipisevs777

Description

@JevgenijsCipisevs777
JevgenijsCipisevs777
opened on Jul 18, 2025

This script, create_advisory.sh, is used to generate a starter security advisory YAML record for a given PyPI package. It prompts the user for a package name, summary, and evidence URL, then creates a templated YAML file in the appropriate directory structure. The output file follows the OpenSSF OSV schema and includes placeholders for additional details that must be filled in manually. Further information is needed to complete all fields, such as affected versions, credits, references, and full advisory details.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions