docs: add docs for vulnerability related commands #3362
Conversation
Add documentation for the three vulnerability related APIs: * u.pro.security.vulnerabilities.cve.v1 * u.pro.security.vulnerabilities.usn.v1 * u.pro.packages.updates_with_cves.v1
| @@ -0,0 +1,29 @@ | |||
| # How caching works for vulnerability commands | |||
There was a problem hiding this comment.
Is this page linked from anywhere?
There was a problem hiding this comment.
This is just development documentation, that's why I have not linked it anywhere. But please let me know if there is a common place to link the devel documentation. On a quick glance, I couldn't find a place for it, but I can be wrong here
There was a problem hiding this comment.
I only just realised this was in the dev-docs - I've still got a PR in flight that will move the dev-docs folder back to main, so this page will need to be moved alongside.
There is a dev docs index page, that's the one that should have a link to this new page.
There was a problem hiding this comment.
Just double checking, the index page will be introduced in the new PR right ?
There was a problem hiding this comment.
The index page already exists, it's this one but it's all being moved.
There was a problem hiding this comment.
Overall great changes, but I think that we will want to consider combining some of these pages, and updating some of the existing ones related to CVEs/USNs to point to the new ones (for general discoverability). This is an excellent feature, and we want users to be aware of it.
In particular, please take a look at the security tutorial and update the content there that used the old pro fix commands for listing CVEs to use this new/better command - this is something that we can really show off as a great convenience feature for users, and that tutorial is the perfect place to get eyes on it. It's ok to reuse some of the content you've created already, but wherever possible/where it makes sense, in our existing content we should update to point to this new command. In some places it might just need a link to the new content.
dev-docs/explanations/how_caching_works_for_vulnerability_commands.md
Outdated
Show resolved
Hide resolved
dev-docs/explanations/how_caching_works_for_vulnerability_commands.md
Outdated
Show resolved
Hide resolved
dev-docs/explanations/how_caching_works_for_vulnerability_commands.md
Outdated
Show resolved
Hide resolved
dev-docs/explanations/how_caching_works_for_vulnerability_commands.md
Outdated
Show resolved
Hide resolved
docs/howtoguides/how_to_use_manifest_file_for_pro_vulnerability.rst
Outdated
Show resolved
Hide resolved
docs/howtoguides/how_to_use_manifest_file_for_pro_vulnerability.rst
Outdated
Show resolved
Hide resolved
docs/howtoguides/how_to_use_manifest_file_for_pro_vulnerability.rst
Outdated
Show resolved
Hide resolved
|
Converted to draft because we can't merge until 35 is released |
lucasmoura
force-pushed
the
vulnerability-docs
branch
from
60bea77 to
9bacd75
Compare
| @@ -0,0 +1,29 @@ | |||
| # How caching works for vulnerability commands | |||
There was a problem hiding this comment.
I only just realised this was in the dev-docs - I've still got a PR in flight that will move the dev-docs folder back to main, so this page will need to be moved alongside.
There is a dev docs index page, that's the one that should have a link to this new page.
docs/explanations.rst
Outdated
| explanations/how_to_interpret_output_of_pro_vulnerability_list.md | ||
| explanations/how_to_interpret_output_of_pro_vulnerability_show.md | ||
| explanations/what_is_a_fixable_vulnerability.md |
| Finally, we also display the related USNs to the CVE, in case you want to take a look on them as | ||
| well. |
There was a problem hiding this comment.
Yeah you're right, I was having a moment lol
docs/howtoguides/how_to_use_manifest_file_for_pro_vulnerability.rst
Outdated
Show resolved
Hide resolved
docs/howtoguides/how_to_use_manifest_file_for_pro_vulnerability.rst
Outdated
Show resolved
Hide resolved
lucasmoura
force-pushed
the
vulnerability-docs
branch
from
9bacd75 to
46ebc2e
Compare
|
@s-makin updated |
lucasmoura
force-pushed
the
vulnerability-docs
branch
from
46ebc2e to
daab571
Compare
There was a problem hiding this comment.
Final review: Generally LGTM, we discussed future changes side-channel and agreed to open an issue to remind ourselves what was agreed to do (once the fix issue is fixed).
The link checker is complaining about the discourse links - we can ignore those. There was another outage, but they worked when I checked them just now.
There is a list of spelling errors though. Some of them are genuine (and need to be fixed), and others are new terms that need to be added to the exception list so they get ignored (e.g. CVSS).
Why is this needed?
Add documentation for: