Skip to content

Commit 49405da

Browse files
david-roccadavid-rocca
committed
updated readme
1 parent 18d1a6f commit 49405da

1 file changed

Lines changed: 18 additions & 0 deletions

File tree

README.md

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
*NOTE: the Test environment of CVE Services now includes the release candidate “User Registry” which adds many additional features. See the details at the end of this ReadMe doc.*
2+
13
# CVE-API
24

35
![CodeQL](https://github.com/CVEProject/cve-services/workflows/CodeQL/badge.svg)
@@ -140,3 +142,19 @@ In order to run the unit tests:
140142
```sh
141143
npm run start:test
142144
```
145+
146+
147+
### User Registry
148+
149+
The CVE Automation Working Group (on behalf of the CVE Program) is currently working on a new automation capability: the User Registry. The objective of the User Registry is to modernize how CVE Program Organizations (e.g., CNAs, Roots, Top level Roots, the Secretariat) manage/update their organizational properties and user pools. The new capability will ultimately allow CNAs, Roots, Top Level Roots to better manage their own data/user pools with more robust information. It is targeted to be implemented in a series of incremental deployments to CVE Services in the Fall/2025 through Summer/2026.
150+
151+
Current Status: The release candidate for the first User Registry increment (termed the User Registry MVP) is now available for testing/review in the CVE Program Testing Environment. (Note that this release IS NOT a PRODUCTION Release and will not be visible in the CVE Program PRODUCTION environment).
152+
This release candidate establishes a new, more robust User/Organizations databases (and associated APIs) while maintaining full backwards compatibility with the current User/Organizational management functions (meaning that current CVE Services clients will not be required to be modified with the deployment of this candidate). It was discussed at the 6/11/2025 CVE Program AWG meeting.
153+
154+
HowTo: Credentialed users of CVE Services will be able to use the new capabilities via the API endpoints. Note that support for new endpoints may not be immediately available in the “client” tools provided by the community.
155+
156+
Next Steps: The AWG is taking comments/questions on this release candidate. You can provide feedback in three ways:
157+
Send comments/questions to AWG+owner@CVE-CWE-Programs.groups.io,
158+
159+
Post Issues/Questions to the CVE Services Issue Board (please attach a “user registry” label to your post).
160+
Attend (virtually) an AWG meeting which meets every week on Tuesday at 4:00 PM Eastern US Time. Send a request for the link to AWG+owner@CVE-CWE-Programs.groups.io.

0 commit comments

Comments
 (0)