Differential D24381
books/porters-handbook: Fix mistake in vuln.xml description Authored by salvadore on Apr 12 2020, 3:42 PM. Tags None Referenced Files
Details
The example for vuln.xml contains the line <range><ge>1.6</ge><lt>1.9</lt></range> which is explained as describing the interval 1.6 <= x <= 1.9, but is 1.6 <= x < 1.9 instead as is suggested by:
Diff Detail
Event TimelineComment Actions How about, affected are versions 1.6 and up to but not including 1.9, (...) The example is the most natural as you'd reference the first broken one and the first fixed one, so I think the above is clearer. Nice catch though. Comment Actions Changed as suggested. I would prefer "affected are versions from 1.6 up to but not including 1.9, (...)": does it sounds good? There's something that sounds wrong to me in your suggestion, but maybe it is only because I am not a native English speaker. Comment Actions The 'and' makes it explicit to me that 1.6 is affected. You can think of it as 'version 1.6 and versions up to ...', but I know Romance languages like yours are stricter on leaving out nouns than English. I still think it's ok, but someone may correct me... though I'm one of only a couple of British docs committers :) We'll see what Mat thinks perhaps. Comment Actions That's true, but isn't it normal to have 'first affected version' and 'first fixed version'? "The above example would be used where a vulnerability was discovered in version x, and was fixed in y." I guess the detailed description of le, lt, etc is probably unnecessary to someone who can write XML! Comment Actions I think changing the text and keeping the range is better: I have the impression that half-open intervals are much more common than closed intervals in our database. Then it makes more sense to give an example for the first case than for the latter. May I ask for a doc committer approval (I am a port committer: I need docs approval)? |