semi implemented and features implemented save checkpoint

docs/features/unchecked/concelier/full-sbom-extraction-with-enriched-parsedsbom-model.md

@@ -0,0 +1,25 @@
+# Full SBOM Extraction with Enriched ParsedSbom Model
+
+## Module
+Concelier
+
+## Status
+IMPLEMENTED
+
+## Description
+Upgraded SBOM parser that extracts ALL fields from CycloneDX 1.7 and SPDX 3.0.1 (not just PURL/CPE). The enriched ParsedSbom model carries full SBOM data including services, crypto properties, ML model metadata, build/formulation info, compositions, vulnerabilities, and dependencies for downstream consumers (Scanner, Policy, etc.).
+
+## Implementation Details
+- **Modules**: `src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/`
+- **Key Classes**:
+  - `ParsedSbomParser` (`src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Parsing/ParsedSbomParser.cs`) - full SBOM extraction from CycloneDX 1.7 and SPDX 3.0.1 with enriched model
+  - `SbomAdvisoryMatcher` (`src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Matching/SbomAdvisoryMatcher.cs`) - matches SBOM components against advisories
+- **Interfaces**: `IParsedSbomParser`, `ISbomAdvisoryMatcher`
+- **Source**: SPRINT_20260119_015_Concelier_sbom_full_extraction.md
+
+## E2E Test Plan
+- [ ] Parse a CycloneDX 1.7 SBOM and verify all fields are extracted (components, services, compositions, vulnerabilities, dependencies)
+- [ ] Parse an SPDX 3.0.1 SBOM and verify enriched model includes packages, relationships, and annotations
+- [ ] Verify crypto properties extraction: SBOM with crypto components has crypto metadata in the ParsedSbom model
+- [ ] Verify ML model metadata: SBOM with ML model components has model metadata extracted
+- [ ] Verify downstream consumption: pass ParsedSbom to `SbomAdvisoryMatcher` and verify advisory matching works with enriched fields