Merge pull request #2 from RustSec/unaffected-and-patched-versions

Separate "unaffected_versions" and "patched_versions"
2025-12-30 16:24:05 +01:00 · 2017-02-25 15:38:29 -08:00
parent 520426b0f8 c28b7ceb38
commit 38aa9550ea
1 changed files with 6 additions and 1 deletions
--- a/README.md
+++ b/README.md
@@ -13,7 +13,12 @@ Each advisory contains information in [TOML] format:
 ```toml
 [vulnerability]
 package = "mypackage"
-versions = ["1.2.0", "1.2.3", "1.2.4", "1.2.5"]
+
+# Versions which were never vulnerable
+unaffected_versions = ["< 1.1.0"]
+
+# Versions which include fixes for this vulnerability
+patched_versions = [">= 1.2.0"]

 # It is strongly recommended to request a CVE, or alternatively a DWF, and
 # reference the assigned number here.