From 54e7b68c42e2aa5544b08780afe482a8d6c63ab1 Mon Sep 17 00:00:00 2001
From: Terri Oda <terri.oda@intel.com>
Date: Thu, 19 Oct 2023 16:22:36 -0700
Subject: [PATCH] docs: Add extra sentence about nvd_api_key

For the weeks before the 3.3 release happens, add an extra sentence about the api key.

Signed-off-by: Terri Oda <terri.oda@intel.com>
---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index b4adb6f265..44a3fee1e2 100644
--- a/README.md
+++ b/README.md
@@ -75,6 +75,8 @@ Pip will install the python requirements for you, but for some types of extracti
 
 On first usage (and by default, once per day) The tool will download vulnerability data from [a set of known vulnerability data sources](https://github.com/intel/cve-bin-tool/blob/main/doc/MANUAL.md#data-sources).  Due to reliability issues with NVD, as of release 3.3 we will be using our own NVD mirror at [https://cveb.in/](https://cveb.in/) by default rather than contact NVD directly.  If you wish to get data directly from the NVD servers you must [provide your own NVD_API_KEY](https://github.com/intel/cve-bin-tool/blob/main/doc/MANUAL.md#--nvd-api-key-nvd_api_key) to use their API.
 
+If you are using a release prior to 3.3 that does not use our mirror, please use an NVD_API_KEY as described above.
+
 ## Most popular usage options
 
 ### Finding known vulnerabilities using the binary scanner