Update docs/usage.md

hayleycd · Nov 9, 2023 · 386b4b6 · 386b4b6
1 parent 15f17ce
commit 386b4b6
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/docs/usage.md b/docs/usage.md
@@ -199,6 +199,8 @@ OSV-Scanner supports C/C++ projects.
 
 Because the C/C++ ecosystem does not have a centralized package manager, C/C++ dependencies tend to be bundled with the project. Dependencies are either [submoduled](#submoduled-dependencies) or [vendored](#vendored-dependencies). In either case, OSV-Scanner is able to find known vulnerabilities in your project dependencies. 
 
+OSV-Scanner's C/C++ support is based on commit-level data. OSV's commit-level data covers the majority of C/C++ vulnerabilities within the OSV database, but users should be aware that there may be vulnerabilities in their dependencies that could be excluded from OSV-Scanner results. Adding more commit-level data to the database is an ongoing project. 
+
 ### Submoduled dependencies
 
 Submoduled dependencies are included in the project folder retain their Git histories. To scan a C/C++ project with submoduled dependencies: