Google Git
Sign in
go / website / 1521c226adf9d85c8f53dc1788d42357898c10ab^! / .
commit1521c226adf9d85c8f53dc1788d42357898c10ab[log] [tgz]
authorJulie Qiu <julie@golang.org>Thu Jun 02 17:12:35 2022 -0400
committerJulie Qiu <julieqiu@google.com>Mon Jun 06 17:01:53 2022 +0000
tree14bebcc4bd8a10c7a3181aa595510130089aa402
parent0dceb95d042c6e3637ee1476fc08e5ffb02d4e3b [diff]
_content/security/vulndb: format markdown

Also add a note that this project is a WIP.

Change-Id: I85dfea09d0d63a42043128fbb407d2051342b424
Reviewed-on: https://go-review.googlesource.com/c/website/+/410215
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Reviewed-by: Julie Qiu <julieqiu@google.com>

diff --git a/_content/security/vulndb/index.md b/_content/security/vulndb/index.md
index f2ec71e..c6bdacf 100644
--- a/_content/security/vulndb/index.md
+++ b/_content/security/vulndb/index.md

@@ -2,10 +2,13 @@
 title: Go Vulnerability Management
 layout: article
 ---
+
 ## Overview
 
 This page describes the Go vulnerability management system.
 
+_This project is a work in progress._
+
 ## Architecture
 
 <div class="image">
@@ -18,29 +21,29 @@
 pieces:
 
 1. A **data pipeline** that populates the vulnerability database. Data about
-new vulnerabilities come directly from Go package maintainers or sources such as
-MITRE and GitHub. Reports are curated by the Go Security team.
+   new vulnerabilities come directly from Go package maintainers or sources such as
+   MITRE and GitHub. Reports are curated by the Go Security team.
 
 2. A **vulnerability database** that stores all information presented by
-govulncheck and can be consumed by other clients.
+   govulncheck and can be consumed by other clients.
 
 3. A **client library**
-([golang.org/x/vuln/client](https://golang.org/x/vuln/client)), which reads data
-from the Go vulnerability database. This is also used by pkg.go.dev to surface
-vulnerabilities.
+   ([golang.org/x/vuln/client](https:/golang.org/x/vuln/client)), which reads data
+   from the Go vulnerability database. This is also used by pkg.go.dev to surface
+   vulnerabilities.
 
 4. A **vulncheck API**
-([golang.org/x/vuln/vulncheck](https://golang.org/x/vuln/vulncheck)), which is
-used to find vulnerabilities affecting Go packages and perform static analysis.
-This API is made available for clients that do not want to run the govulncheck
-binary, such as VS Code Go.
+   ([golang.org/x/vuln/vulncheck](https:/golang.org/x/vuln/vulncheck)), which is
+   used to find vulnerabilities affecting Go packages and perform static analysis.
+   This API is made available for clients that do not want to run the govulncheck
+   binary, such as VS Code Go.
 
 5. The **govulncheck command**
-([golang.org/x/vuln/cmd/govulncheck](https://golang.org/x/vuln/cmd/govulncheck),
-a wrapper around the vulncheck library for use on the command line.
+   ([golang.org/x/vuln/cmd/govulncheck](https:/golang.org/x/vuln/cmd/govulncheck),
+   a wrapper around the vulncheck library for use on the command line.
 
 6. A **web portal** that presents information about vulnerabilities, hosted at
-[pkg.go.dev/vuln](https://pkg.go.dev/vuln).
+   [pkg.go.dev/vuln](https://pkg.go.dev/vuln).
 
 ## Protocol