csaf

Common Security Advisory Framework (CSAF)

A lovingly hand-crafted¹ implementation of CSAF for Rust. Currently, based on the v2.0 editor draft. Should be considered strictly less-strict than the spec right now - valid CSAF should deserialize successfully, but invalid CSAF may also succeed and the library may generate invalid CSAF.

My current use case is for experimenting with the VEX profile.

1 - CSAF defines a JSON Schema schema using Draft 2020-12. schemafy exists for generating Rust code from JSON Schema, but supports an older draft which differs significantly from the 2020-12 draft.