feat: Add initial implementation of Vulnerability Resolver Jobs

- Created project for StellaOps.Scanner.Analyzers.Native.Tests with necessary dependencies. - Documented roles and guidelines in AGENTS.md for Scheduler module. - Implemented IResolverJobService interface and InMemoryResolverJobService for handling resolver jobs. - Added ResolverBacklogNotifier and ResolverBacklogService for monitoring job metrics. - Developed API endpoints for managing resolver jobs and retrieving metrics. - Defined models for resolver job requests and responses. - Integrated dependency injection for resolver job services. - Implemented ImpactIndexSnapshot for persisting impact index data. - Introduced SignalsScoringOptions for configurable scoring weights in reachability scoring. - Added unit tests for ReachabilityScoringService and RuntimeFactsIngestionService. - Created dotnet-filter.sh script to handle command-line arguments for dotnet. - Established nuget-prime project for managing package downloads.
2025-11-18 07:52:15 +02:00
parent e69b57d467
commit 8355e2ff75
299 changed files with 13293 additions and 2444 deletions
--- a/docs/samples/lnm/linkset-ghsa.json
+++ b/docs/samples/lnm/linkset-ghsa.json
@@ -8,8 +8,14 @@
    "purls": [ "pkg:npm/example" ],
    "versions": [ "1.2.3" ],
    "ranges": [ { "type": "semver", "events": [ { "introduced": "0" }, { "fixed": "1.2.4" } ] } ],
-    "severities": [ { "system": "cvssv3.1", "score": 7.5, "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ]
+    "severities": [ { "system": "cvssv3.1", "score": 7.5, "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ],
+    "scopes": [ "runtime", "build" ],
+    "relationships": [
+      { "type": "depends_on", "source": "pkg:npm/example@1.2.3", "target": "pkg:npm/lib@4.5.6", "provenance": "sbom:inventory-2025-10-01" }
+    ]
  },
+  "confidence": 1.0,
+  "conflicts": [],
  "createdAt": "2025-10-06T12:05:00Z",
  "builtByJobId": "linkset-builder-456",
  "provenance": {
--- a/docs/samples/lnm/observation-ghsa.json
+++ b/docs/samples/lnm/observation-ghsa.json
@@ -11,6 +11,10 @@
    "versions": [ "1.2.3" ],
    "ranges": [ { "type": "semver", "events": [ { "introduced": "0" }, { "fixed": "1.2.4" } ] } ]
  } ],
+  "scopes": [ "runtime", "build" ],
+  "relationships": [
+    { "type": "depends_on", "source": "pkg:npm/example@1.2.3", "target": "pkg:npm/lib@4.5.6", "provenance": "sbom:inventory-2025-10-01" }
+  ],
  "references": [ "https://github.com/example/advisory" ],
  "weaknesses": [ "CWE-79" ],
  "published": "2025-10-01T00:00:00Z",