Initial commit (history squashed)

src/StellaOps.Feedser.Source.Ru.Nkcki/AGENTS.md

@@ -0,0 +1,38 @@
+# AGENTS
+## Role
+Implement the Russian NKTsKI (formerly NKCKI) advisories connector to ingest NKTsKI vulnerability bulletins for Feedser’s regional coverage.
+
+## Scope
+- Identify NKTsKI advisory feeds/APIs (HTML, RSS, CSV) and access/authentication requirements.
+- Implement fetch/cursor pipeline with dedupe and failure backoff tailored to the source format.
+- Parse advisories to extract summary, affected vendors/products, recommended mitigation, and CVE identifiers.
+- Map advisories into canonical `Advisory` records with aliases, references, affected packages, and range primitives.
+- Create deterministic fixtures and regression tests.
+
+## Participants
+- `Source.Common` (HTTP/fetch utilities, DTO storage).
+- `Storage.Mongo` (raw/document/DTO/advisory stores, source state).
+- `Feedser.Models` (canonical data structures).
+- `Feedser.Testing` (integration fixtures, snapshots).
+
+## Interfaces & Contracts
+- Job kinds: `nkcki:fetch`, `nkcki:parse`, `nkcki:map`.
+- Persist upstream modification metadata to support incremental updates.
+- Alias set should include NKTsKI advisory IDs and CVEs when present.
+
+## In/Out of scope
+In scope:
+- Core ingestion/mapping pipeline with range primitives.
+
+Out of scope:
+- Translation beyond canonical field normalisation.
+
+## Observability & Security Expectations
+- Log fetch/mapping activity; mark failures with backoff delays.
+- Handle Cyrillic text encoding and sanitise HTML safely.
+- Respect upstream rate limiting/politeness.
+
+## Tests
+- Add `StellaOps.Feedser.Source.Ru.Nkcki.Tests` for fetch/parse/map with canned fixtures.
+- Snapshot canonical advisories; support fixture regeneration via env flag.
+- Ensure deterministic ordering/time normalisation.