socket-patch vex — generate an OpenVEX 0.2.0 document.
Reads the local manifest, optionally verifies each patch’s on-disk state, and emits a VEX document describing the vulnerabilities that have been mitigated. Designed to be piped into vexctl, Grype, Trivy, and the like.
Output channels:
- Default (--output unset, --json unset): VEX JSON to stdout, human-readable status to stderr.
- --output <path> (no --json): VEX JSON to file, one-line summary to stdout.
- --json (requires --output): VEX JSON to file, envelope JSON to stdout. This is the CI integration shape.
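
A CI job can sanity-check the VEX JSON before handing it to a scanner. The following is an added example, not part of socket-patch: it reads a document from stdin (the default channel above) and applies the OpenVEX 0.2.0 structural rules. The script name check_vex.py and the sample document are assumptions, and the page does not say which statuses socket-patch emits.

```python
import json
import sys

OPENVEX_CONTEXT = "https://openvex.dev/ns/v0.2.0"
STATUSES = {"not_affected", "affected", "fixed", "under_investigation"}

def check_vex(doc):
    """Return a list of problems; an empty list means the document passes."""
    problems = []
    if doc.get("@context") != OPENVEX_CONTEXT:
        problems.append("@context is not the OpenVEX 0.2.0 namespace")
    for field in ("@id", "author", "timestamp", "version"):
        if field not in doc:
            problems.append(f"missing document field {field}")
    statements = doc.get("statements")
    if not isinstance(statements, list):
        return problems + ["statements is missing or not a list"]
    for i, st in enumerate(statements):
        where = f"statements[{i}]"
        if not (st.get("vulnerability") or {}).get("name"):
            problems.append(f"{where}: vulnerability.name missing")
        if not st.get("products"):
            problems.append(f"{where}: no products listed")
        status = st.get("status")
        if status not in STATUSES:
            problems.append(f"{where}: unknown status {status!r}")
        elif status == "not_affected" and not (
                st.get("justification") or st.get("impact_statement")):
            problems.append(f"{where}: not_affected without justification")
        elif status == "affected" and not st.get("action_statement"):
            problems.append(f"{where}: affected without action_statement")
    return problems

# Constructed sample input; identifiers are placeholders, not real advisories.
SAMPLE = {
    "@context": OPENVEX_CONTEXT, "@id": "https://example.invalid/vex/1",
    "author": "example", "timestamp": "2025-01-01T00:00:00Z", "version": 1,
    "statements": [
        {"vulnerability": {"name": "CVE-0000-00001"}, "status": "fixed",
         "products": [{"@id": "pkg:npm/example-pkg@1.0.0"}]},
        {"vulnerability": {"name": "CVE-0000-00002"}, "status": "not_affected",
         "products": [{"@id": "pkg:npm/example-pkg@1.0.0"}]},
    ],
}

if __name__ == "__main__":
    # Usage (default channel from the page): socket-patch vex | python3 check_vex.py
    found = check_vex(json.load(sys.stdin))
    print("\n".join(found) or "VEX document OK", file=sys.stderr)
    sys.exit(1 if found else 0)
```

Because the default mode sends human-readable status to stderr, only the VEX JSON reaches the script over the pipe.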