devguard icon indicating copy to clipboard operation
devguard copied to clipboard
verified publisher icon l3montree-dev

CSAF: canonical_url missmatch

Open seb-kw opened this issue 1 month ago • 2 comments

Currently, the aggregrator.json is accessible through:

https://main.devguard.org/.well-known/csaf-aggregator/aggregator.json

as of docs. But the canonical_url points to https://api.main.devguard.org/api/v1/.well-known/csaf-aggregator/aggregator.json which is accessible too. Maybe we can adjust this missmatch. As its functional and the canonical_url target is valid reachable prio is low.

seb-kw avatar Nov 11 '25 08:11 seb-kw

Would you prefer having the canonical url point to the frontend? I prefer having it point to the api directly, since this is the application which actually serves it. If the api is down, nothing works anymore. If the frontend is down, everything keeps working

timbastin avatar Nov 11 '25 08:11 timbastin

Jep sounds good - then we will just adjust in the docs, stating the api url directly as top level endpoint and the web only as alternative.

seb-kw avatar Nov 11 '25 08:11 seb-kw