From 7b0464edab30fc805534dd0665a30a269f6bb80b Mon Sep 17 00:00:00 2001
From: Dipesh Rawat <Dipesh.rawat@ibm.com>
Date: Fri, 15 Dec 2023 19:11:43 +0000
Subject: [PATCH] Add VEX Feed

---
 .openvex/templates/README.md         | 27 +++++++++++++++++++++++++++
 .openvex/templates/main.openvex.json |  8 ++++++++
 2 files changed, 35 insertions(+)
 create mode 100644 .openvex/templates/README.md
 create mode 100644 .openvex/templates/main.openvex.json

diff --git a/.openvex/templates/README.md b/.openvex/templates/README.md
new file mode 100644
index 00000000..d724e1d0
--- /dev/null
+++ b/.openvex/templates/README.md
@@ -0,0 +1,27 @@
+# OpenVEX Templates Directory
+
+This directory contains the OpenVEX data for this repository.
+The files stored in this directory are used as templates by
+`vexctl generate` when generating VEX data for a release or 
+a specific artifact.
+
+To add new statements to publish data about a vulnerability,
+download [vexctl](https://github.com/openvex/vexctl)
+and append new statements using `vexctl add`. For example:
+```
+vexctl add --in-place main.openvex.json pkg:oci/test CVE-2014-1234567 fixed
+```
+That will add a new VEX statement expressing that the impact of
+CVE-2014-1234567 is under investigation in the test image. When
+cutting a new release, for `pkg:oci/test` the new file will be
+incorporated to the relase's VEX data.
+
+## Read more about OpenVEX
+
+To know more about generating, publishing and using VEX data
+in your project, please check out the vexctl repository and
+documentation: https://github.com/openvex/vexctl
+
+OpenVEX also has an examples repository with samples and docs:
+https://github.com/openvex/examples
+
diff --git a/.openvex/templates/main.openvex.json b/.openvex/templates/main.openvex.json
new file mode 100644
index 00000000..f8e9c23a
--- /dev/null
+++ b/.openvex/templates/main.openvex.json
@@ -0,0 +1,8 @@
+{
+  "@context": "https://openvex.dev/ns/v0.2.0",
+  "@id": "https://openvex.dev/docs/public/vex-6f9001fd8630edd2996df09f345882066d7b5bf512e54af918343d278640ecd0",
+  "author": "vexctl (automated template)",
+  "timestamp": "2023-12-15T19:10:43.910365Z",
+  "version": 1,
+  "statements": []
+}