From 62f3e7cbd448a19f0099fdbd707d8b9b4fbddfdd Mon Sep 17 00:00:00 2001 From: Brian de Alwis Date: Fri, 16 Dec 2022 11:09:14 -0500 Subject: [PATCH] Fix how-to-use bullet rendering Add blank line and use `*` bullet style as used elsewhere (such as chapters/conformance.md) Signed-off-by: Brian de Alwis --- chapters/how-to-use.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/chapters/how-to-use.md b/chapters/how-to-use.md index e82d3fb81c..3565365015 100644 --- a/chapters/how-to-use.md +++ b/chapters/how-to-use.md @@ -5,10 +5,11 @@ SPDX 2.x has the concept of an External Reference for a Package to "reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package." The specification for External Reference identifiers (Annex F) has four defined categories: -- Security: CPE, SWID tag identifier, or reference to security information -- Package-Manager: package identifier and locator -- Persistent-id: identifier which is guaranteed to remain stable (persistent) over time -- Other: Use if none of the above match your use case + +* Security: CPE, SWID tag identifier, or reference to security information +* Package-Manager: package identifier and locator +* Persistent-id: identifier which is guaranteed to remain stable (persistent) over time +* Other: Use if none of the above match your use case This section provides usage scenarios of how to leverage the Security and Persistent-id category external references specified above to refer to external security information. A complete SPDX document using these can be found in the examples directory within the SPDX code repository. Multiple instances and types of external security information may be included within a SPDX document.