Update README.md to be clearer.

alilleybrinker · alilleybrinker · commit 262dc3eb0593 · 2025-04-25T13:46:18.000-07:00
This amends the `README.md` file to be clearer to navigate.
This is achieved in several ways:

- All links are now hyperlinks on explanatory text, instead of
  bare URLs.
- Where appropriate, information has been gathered into tables.
- How to participate in the QWG and contribute in the repository
  has been spelled out explicitly.
- The distinction between the "production" and "development"
  versions of the format have been clearer by being split into
  distinct sections.

Signed-off-by: Andrew Lilley Brinker &lt;abrinker@mitre.org&gt;
diff --git a/README.md b/README.md
@@ -1,43 +1,117 @@
-# Current Version of CVE Record Format
-
-Update to cve-schema to provide better support for CPE!! if you have integrations that rely on the cve-schema repo structure, please review the changes here. The latest version of the CVE JSON Record Format is 5.1.1. A single schema file with bundled dependencies is available [here](https://github.com/CVEProject/cve-schema/blob/master/schema/docs/CVE_Record_Format_bundled.json).
-
-Note: The CVE Record Format now supports Authorized Data Publisher (ADP) containers there is one active ADP currently.  The CVE Program uses a separate ADP container to provide additional CVE information (e.g., references) for some records. Access this README.md page [here](
-https://github.com/CVEProject/cvelistV5/blob/main/README.md)
-for more information about the CVE Program Container.
-
-Note: Please refer to the CVE Services page [here](https://www.cve.org/AllResources/CveServices) for known issues with the schema. 
-
-# CVE Record Format Overview
-
-cve-schema specifies the CVE Record Format. This is the blueprint for a rich set of JSON data that can be submitted by CVE Numbering Authorities (CNAs) and Authorized Data Publishers (ADPs) to describe a CVE Record. Some examples of CVE Record data include CVE ID number, affected product(s), affected version(s), and public references. While those specific items are required when assigning a CVE, there are many other optional data in the schema that can be used to enrich CVE Records for community benefit.
-
-### Learn
-
-Learn more about the CVE program at: https://www.cve.org/
-
-This CVE Record Format is defined using JSON Schema. Learn more about JSON Schema at: https://json-schema.org/ .
-
-### Latest
-
-The latest version of the CVE Record Format is 5.1.1. It is specified in the JSON schema at https://github.com/CVEProject/cve-schema/blob/master/schema/CVE_Record_Format.json
-
-A single schema file with bundled dependencies is at https://github.com/CVEProject/cve-schema/blob/master/schema/docs/CVE_Record_Format_bundled.json
-
-### Documentation and Guidance
-
-Documentation about this format is available at https://cveproject.github.io/cve-schema/schema/docs/
-
-A mindmap version of the CVE Record structure is at https://cveproject.github.io/cve-schema/schema/docs/mindmap.html
-
-More details about Product and Version Encodings in the CVE Record Format are at https://github.com/CVEProject/cve-schema/blob/master/schema/docs/versions.md
-
-### Examples
-
-A basic example of a full record in the 5.1.1 format with minimally required fields is available at https://github.com/cveproject/cve-schema/blob/master/schema/docs/full-record-basic-example.json
-
-An advanced example of a full record in the 5.1.1 format is available at https://github.com/cveproject/cve-schema/blob/master/schema/docs/full-record-advanced-example.json
-
-A basic example of a cnaContainer, to be used with CVE Services, is available at https://github.com/cveproject/cve-schema/blob/master/schema/docs/cnaContainer-basic-example.json
-
-An advanced example of a cnaContainer, to be used with CVE Services, is available at https://github.com/cveproject/cve-schema/blob/master/schema/docs/cnaContainer-advanced-example.json
+# CVE Record Format
+
+![GitHub Tag](https://img.shields.io/github/v/tag/cveproject/cve-schema)
+![GitHub License](https://img.shields.io/github/license/cveproject/cve-schema)
+
+The **CVE Record Format** is the [JSON schema][json_schema] defining the
+structure of CVE records. It was previously called the "CVE Schema." This
+repository is maintained by the [CVE Quality Working Group][qwg] (QWG) under
+the [QWG Charter][qwg_charter].
+
+This repository is part of the [CVE Project][cve] and is governed by CVE's
+[Professional Code of Conduct][coc].
+
+---
+
+## Read the Record Format
+
+The version of the schema found on the [`main` branch][branch_main] of this
+repository is the current production version used by CVE Services. The
+development version, which reflects work-in-progress changes planned for future
+production versions, is found on the [`develop` branch][branch_develop].
+
+### Production Version
+
+The current production version of the CVE Record Format is available in several
+forms:
+
+| Format         | Link          |
+|:---------------|:--------------|
+| Separate files | [View][fmt_1] |
+| Single file    | [View][fmt_2] |
+| Interactive    | [View][fmt_3] |
+| Mindmap        | [View][fmt_4] |
+
+Additionally, the CVE Record Format incorporates mechanisms for encoding
+product identity and version information, which are [documented in greater
+detail][products_and_versions].
+
+### Development Version
+
+The development version of the CVE Record Format can be found in the
+[`develop` branch][branch_develop]:
+
+| Format         | Link          |
+|:---------------|:--------------|
+| Separate files | [View][fmt_5] |
+
+## Examples
+
+| Description                                                           | Link         |
+|:----------------------------------------------------------------------|:-------------|
+| Example with minimum required fields                                  | [View][ex_1] |
+| More complete example                                                 | [View][ex_2] |
+| A basic example of a `cnaContainer`, to be used with CVE Services     | [View][ex_3] |
+| An advanced example of a `cnaContainer`, to be used with CVE Services | [View][ex_4] |
+
+## Known Issues
+
+The CVE Services page on the CVE site tracks
+[known issues with the CVE Record Format][known_issues].
+
+## Contributing
+
+Work in this repository is managed by the CVE [Quality Working Group][qwg]. QWG
+meetings are open to CVE authorized program members, including:
+
+- Members of the [CVE Board][cve_board]
+- Representatives of [CVE Numbering Authorities (CNAs)][cve_cnas]
+- Representatives of [Authorized Data Publishers (ADPs)][cve_adps]
+- Participants from the [CVE Secretariat][cve_secretariat] (currently
+  [The MITRE Corporation][mitre])
+
+On a case-by-case basis, the QWG can invite to participate, through consensus,
+individuals who are not CVE program members. To request admission to the QWG,
+please contact one of the QWG Co-Chairs, currently
+[Chris Coffin (MITRE)][cochair_chris_coffin] or
+[MegaZone (F5)][cochair_megazone].
+
+Any individual is welcome to participate via [Issues][gh_issues],
+[Discussions][gh_discussions], and [Pull Requests][gh_prs], including opening
+issues, creating proposals, commenting on existing proposals in Pull
+Requests, and asking questions about the Record Format. Decisions on how to
+proceed with any proposal are made by the Quality Working Group via consensus.
+Final authority for approving or rejecting changes to the CVE Record Format
+lies with the [CVE Board][cve_board].
+
+All participation in this project is subject to the rules and procedures of the
+[CVE Professional Code of Conduct][coc].
+
+[branch_develop]: https://github.com/CVEProject/cve-schema/tree/develop
+[branch_main]: https://github.com/CVEProject/cve-schema/tree/main
+[cve]: https://www.cve.org/
+[cve_board]: https://www.cve.org/ProgramOrganization/Board
+[cve_cnas]: https://www.cve.org/ProgramOrganization/CNAs
+[cve_adps]: https://www.cve.org/ProgramOrganization/ADPs
+[cve_secretariat]: https://www.cve.org/ResourcesSupport/Glossary?activeTerm=glossarySecretariat
+[coc]: https://www.cve.org/ResourcesSupport/AllResources/ProfessionalCodeOfConduct
+[cochair_chris_coffin]: https://www.linkedin.com/in/christopher-coffin-1573437/
+[cochair_megazone]: https://www.linkedin.com/in/megazone/
+[ex_1]: https://github.com/cveproject/cve-schema/blob/main/schema/docs/full-record-basic-example.json
+[ex_2]: https://github.com/cveproject/cve-schema/blob/main/schema/docs/full-record-advanced-example.json
+[ex_3]: https://github.com/cveproject/cve-schema/blob/main/schema/docs/cnaContainer-basic-example.json
+[ex_4]: https://github.com/cveproject/cve-schema/blob/main/schema/docs/cnaContainer-advanced-example.json
+[fmt_1]: https://github.com/CVEProject/cve-schema/blob/main/schema/CVE_Record_Format.json
+[fmt_2]: https://github.com/CVEProject/cve-schema/blob/main/schema/docs/CVE_Record_Format_bundled.json
+[fmt_3]: https://cveproject.github.io/cve-schema/schema/docs/
+[fmt_4]: https://cveproject.github.io/cve-schema/schema/docs/mindmap.html
+[fmt_5]: https://github.com/CVEProject/cve-schema/blob/develop/schema/CVE_Record_Format.json
+[gh_issues]: https://github.com/CVEProject/cve-schema/issues
+[gh_discussions]: https://github.com/CVEProject/cve-schema/discussions
+[gh_prs]: https://github.com/CVEProject/cve-schema/pulls
+[json_schema]: https://json-schema.org/
+[known_issues]: https://www.cve.org/AllResources/CveServices
+[mitre]: https://www.mitre.org/
+[products_and_versions]: https://github.com/CVEProject/cve-schema/blob/main/schema/docs/versions.md
+[qwg]: https://github.com/CVEProject/quality-workgroup
+[qwg_charter]: https://github.com/CVEProject/quality-workgroup/blob/main/README.md
