Explain purpose of cvelint better; update example

mprpic · Apr 1, 2024 · 63d38c9 · 63d38c9
1 parent d070f9e
commit 63d38c9
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -1,12 +1,13 @@
 # cvelint
 
-CVE records in the [v5 JSON schema](https://github.com/CVEProject/cve-schema/tree/master/schema/v5.0) may include errors that are neither enforceable by a schema, nor validated on the backend in CVE Services when a CVE record is created/updated. This CLI tool aims to validate CVE records for such errors.
+CVE records in the [v5 JSON schema](https://github.com/CVEProject/cve-schema/tree/master/schema/v5.0) may include errors that are neither enforceable by a schema, nor validated on the backend in CVE Services when a CVE record is created/updated.
+This CLI tool aims to validate CVE records for such errors so they can be fixed, and changes to the CVE schema can be made based on these findings.
 
 ## Installation
 
 ### Binary Releases
 
-For Linux, Mac OS, or Windows, you can download a binary release [here](https://github.com/mprpic/cvelint/releases).
+For Linux, macOS, or Windows, you can download a binary release [here](https://github.com/mprpic/cvelint/releases).
 
 ### Build from Source
 
@@ -24,7 +25,7 @@ $ ./cvelint -select E005 -cna redhat ./cvelistV5/cves/2023/
 Collected 13501 files; checked 222 files.
 
 CVE-2023-3618 (redhat) -- /home/user/cvelistV5/cves/2023/3xxx/CVE-2023-3618.json
-  E005  Incorrect CVSS v3 severity: "high" (should be "medium")
+  E005  Incorrect CVSS v3 severity: "high"; should be "medium" (at "containers.cna.metrics.1.cvssV3_1")
 
 Found 1 error.
 $ ./cvelint -show-rules  # Display available validation rules