audit work, fixed StellaOps.sln warnings/errors, fixed tests, sprints work, new advisories
29
src/VulnExplorer/AGENTS.md
Normal file
@@ -0,0 +1,29 @@
# VulnExplorer Module Charter
## Mission
- Provide deterministic, auditable triage workflows and APIs for vulnerability findings.
## Responsibilities
- Maintain ledger models and append-only history.
- Expose APIs for findings, actions, and exports.
- Enforce RBAC and ABAC scopes and Authority integration.
- Produce offline bundles with signed manifests.
## Required Reading
- docs/README.md
- docs/07_HIGH_LEVEL_ARCHITECTURE.md
- docs/modules/platform/architecture-overview.md
- docs/modules/vuln-explorer/architecture.md
- docs/modules/findings-ledger/schema.md
## Working Agreement
- Append-only ledger updates; never mutate past entries.
- Deterministic ordering for exports and manifests.
- Use TimeProvider and IGuidGenerator; UTC timestamps.
- Use InvariantCulture for parsing and formatting.
- Propagate CancellationToken in async flows.
## Testing Strategy
- Unit tests for ledger projections and validation.
- Integration tests for API endpoints and authorization.
- Determinism tests for export bundles.
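Review bot: The Testing Strategy list at the end of this hunk leaves two of the charter's own guarantees untested: "Produce offline bundles with signed manifests" under Responsibilities and "Append-only ledger updates; never mutate past entries" under Working Agreement. Suggest adding one bullet for manifest signature verification, including rejection of a bundle whose contents were altered after signing, and one bullet asserting that an attempt to change an existing ledger entry is rejected, so the "deterministic, auditable" claim in Mission is backed by tests rather than by convention. A smaller point: the Required Reading paths start with docs/ while this file lives in src/VulnExplorer/, so it would help to state that they are relative to the repository root.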