versions.md misuses 1.0 in a semver example
ElectricNroff opened this issue · comments
ElectricNroff commented
https://github.com/CVEProject/cve-schema/blob/2aa608b6733cc2730a43901472ef0e706d0ef2b5/schema/v5.0/docs/versions.md has an example of
{
"version": "1.0",
"versionType": "semver",
"lessThan": "2.*",
"status": "affected"
}
but this should instead be written as:
{
"version": "1.0.0",
"versionType": "semver",
"lessThan": "2.*",
"status": "affected"
}
because version 1.0 cannot exist when semantic versioning is used: https://semver.org