osv: document package

Change-Id: I4a46a2b83792f41daf97e76833bd71177eb32902 Reviewed-on: https://team-review.git.corp.google.com/c/golang/vulndb/+/1063815 Reviewed-by: Roland Shoemaker <[email protected]>
golang · Apr 20, 2021 · e0c00fa · e0c00fa
1 parent 820ef4a
commit e0c00fa
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/osv/json.go b/osv/json.go
@@ -2,6 +2,22 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+// Package osv implements the <name-pending> shared vulnerability
+// format, with the Go specific extensions.
+//
+// As this package is intended for use with the Go vulnerability
+// database, only the subset of features which are used by that
+// database are implemented (for instance, only the SEMVER affected
+// range type is implemented).
+//
+// The format of the Go specific "extra" JSON object is as follows:
+//
+//   {
+//     "symbols": [ string ],
+//     "goos": [ string ],
+//     "goarch": [ string ],
+//     "url": string
+//   }
 package osv
 
 import (