Skip to content

Comprehensive documentation overhaul#48

Merged
sei-vsarvepalli merged 4 commits intoCERTCC:mainfrom
jgamblin:docs/readme-overhaul
Apr 2, 2026
Merged

Comprehensive documentation overhaul#48
sei-vsarvepalli merged 4 commits intoCERTCC:mainfrom
jgamblin:docs/readme-overhaul

Conversation

@jgamblin
Copy link
Copy Markdown
Contributor

@jgamblin jgamblin commented Apr 1, 2026

Summary

Complete rewrite of all documentation files with screenshots, working examples, and reconstructed changelog.

README.md — full rewrite

  • Table of contents, features list, quick start guide
  • Screenshots of login screen and CVE editor modal
  • Architecture section with core files table and how-it-works flow
  • Node.js usage section with working cveClientlib examples
  • Testing section (Vitest, 51 tests, Node 22+)
  • Dependencies table with SRI info
  • Fixed typos: "rollour" → "roll out", "sha-284" → "SHA-384", "Subsource" → "Subresource", "ECMAScrip6" → "ECMAScript 6"
  • Removed dead link to xdrr/cve.js
  • Badges at bottom (license, release, issues, last commit)

CHANGELOG.md — reconstructed missing versions

  • Added 1.0.24 (2026-03-28): security fixes (XSS, prototype pollution, API key hardening), ADP support, schema version detection, SweetAlert2 update
  • Added 1.0.23 (2025-12-15): bug fixes, CVE AWG demo updates, login fixes
  • Cleaned up formatting for all existing entries (1.0.17–1.0.22)

INSTALL.md — expanded from 3 paragraphs to full guide

  • Quick start with 4 local server options (Python, Node, PHP, Ruby)
  • Note about file:// not working
  • Apache and Nginx CSP configuration examples
  • CVE Services endpoints table (production, test, local)

RISKS.md — restructured

  • Added section headers (Precautions, How cveClient Mitigates Risk)
  • Added description of encrypt-storage.js RSA-OAEP mitigation
  • Cleaned up formatting and removed 10+ trailing blank lines

Test plan

  • Verify README renders correctly on GitHub with screenshots, TOC links, and code blocks
  • Verify CHANGELOG versions and dates are accurate against git history
  • Verify INSTALL.md CSP matches what's actually in the codebase
  • Verify all internal links (INSTALL.md, RISKS.md, CHANGELOG.md, source files) resolve

🤖 Generated with Claude Code

@sei-vsarvepalli sei-vsarvepalli mentioned this pull request Apr 2, 2026
Open
@jgamblin jgamblin force-pushed the docs/readme-overhaul branch 2 times, most recently from f92e422 to 9f166d7 Compare April 2, 2026 18:36
@jgamblin
Copy link
Copy Markdown
Contributor Author

jgamblin commented Apr 2, 2026

Note: PRs #46 and #47 should be merged before this one. PR #46 includes a test fix needed for CI to pass, and this PR's README references features from both #46 (local schema) and #47 (AI Review). After those land, this PR will need a rebase.

jgamblin and others added 4 commits April 2, 2026 13:59
@jgamblin @claude
docs: comprehensive documentation overhaul
8a1ce6b 
README.md — complete rewrite:
- Added table of contents, features list, quick start guide
- Added screenshots (login screen, CVE editor modal)
- Added architecture section with core files table and how-it-works
- Added Node.js usage section with working cveClientlib examples
- Added testing section (Vitest, 51 tests, Node 22+)
- Fixed typos (rollour, sha-284/Subsource, ECMAScrip6)
- Removed dead link to xdrr/cve.js
- Added dependencies table with SRI info
- Badges at bottom per preference

CHANGELOG.md — reconstructed missing versions:
- Added 1.0.24 (security fixes, ADP support, schema compatibility)
- Added 1.0.23 (bug fixes, CVE AWG demo updates)
- Cleaned up formatting for all existing entries

INSTALL.md — expanded from 3 paragraphs to full guide:
- Added quick start with 4 local server options
- Added Apache and Nginx CSP configuration examples
- Added CVE Services endpoints table

RISKS.md — restructured and cleaned up:
- Added section headers (Precautions, How cveClient Mitigates Risk)
- Added encrypt-storage.js mitigation description
- Cleaned up formatting and trailing whitespace

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@jgamblin @claude
docs: remove screenshots from README
1b63790 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@jgamblin @claude
docs: refocus README for CNA audience, add CONTRIBUTING.md
221d9db 
Split documentation by audience:

README.md — rewritten for CNAs and Roots:
- Privacy callout at top (no data collection, encrypted keys)
- Compatibility table (CVE Services 2.x, JSON Schema 5.x)
- Supported environments table (production, test, local)
- Features focused on CNA workflows, including offline mode
- Removed architecture, Node.js, testing, dependencies sections

CONTRIBUTING.md — new file for developers:
- Architecture overview and core files table
- Key patterns (jQuery, async, state management)
- Local development setup
- Node.js cveClientlib usage with examples
- Running tests (Vitest, 51 tests)
- Dependencies table with SRI info

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@jgamblin @claude
docs: add AI Review feature and local schema references to README
3ed3ddc 
Since PRs CERTCC#46 (schema) and CERTCC#47 (AI review) will also be merged,
update the README to reference those features.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@jgamblin jgamblin force-pushed the docs/readme-overhaul branch from 9f166d7 to 3ed3ddc Compare April 2, 2026 19:00
@sei-vsarvepalli sei-vsarvepalli merged commit a311de7 into CERTCC:main Apr 2, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sei-vsarvepalli sei-vsarvepalli sei-vsarvepalli approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jgamblin @sei-vsarvepalli