comments to help authors find the related files for the CVE table

content/en/news/security-bulletins/_index.md

@@ -14,6 +14,10 @@ If you run a security scan on Kiali software that automatically generates a list
 
 Kiali releases every three weeks and so generally resolves CVEs in new releases only.  Golang vulnerabilities are typically resolved in a timely way, as the Go version for release builds increments fairly often. Occasionally, critical CVEs may be resolved in patch releases for supported versions.  Additionally, not every CVE reported against a Kiali dependency is actually a vulnerability.  For reported CVEs that are proven not to affect Kiali, see the table below:
 
+<!--
+The table data is located at data/security/cve.yaml
+The table layout HTML is located at layout/shortcodes/security-cve-table.html
+ -->
 {{<security-cve-table>}}
 
 <br />

data/security/cve.yaml

@@ -1,4 +1,7 @@
 # The Reported Kiali CVEs for which Kiali is confirmed to not be vulnerable
+# The table layout HTML is located at layouts/shortcodes/security-cve-table.html
+# The table is used in content/en/news/security-bulletins/_index.md
+# The HTML tag to insert the data table is <security-cve-table>
 versionRange:
   - cve: "CVE-2024-33599"
     severity: high

layouts/shortcodes/security-cve-table.html

@@ -1,5 +1,9 @@
 {{ $data := index .Site.Data.security.cve }}
 
+<!--
+The table data is located at data/security/cve.yaml
+The table is used in content/en/news/security-bulletins/_index.md
+ -->
 <table>
   <thead>
     <tr style="border-bottom: 1px solid #ddd">