feat: Add initial implementation of Vulnerability Resolver Jobs
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Created project for StellaOps.Scanner.Analyzers.Native.Tests with necessary dependencies. - Documented roles and guidelines in AGENTS.md for Scheduler module. - Implemented IResolverJobService interface and InMemoryResolverJobService for handling resolver jobs. - Added ResolverBacklogNotifier and ResolverBacklogService for monitoring job metrics. - Developed API endpoints for managing resolver jobs and retrieving metrics. - Defined models for resolver job requests and responses. - Integrated dependency injection for resolver job services. - Implemented ImpactIndexSnapshot for persisting impact index data. - Introduced SignalsScoringOptions for configurable scoring weights in reachability scoring. - Added unit tests for ReachabilityScoringService and RuntimeFactsIngestionService. - Created dotnet-filter.sh script to handle command-line arguments for dotnet. - Established nuget-prime project for managing package downloads.
This commit is contained in:
master
@@ -25,6 +25,19 @@ Deliver the Advisory AI assistant service that synthesizes advisory/VEX evidence
|
||||
- `docs/modules/advisory-ai/architecture.md`
|
||||
- `docs/modules/platform/architecture-overview.md`
|
||||
|
||||
## Roles & Boundaries
|
||||
- **Backend engineer** – APIs, retrievers, guardrails, orchestrator glue under `src/AdvisoryAI/StellaOps.AdvisoryAI*` and shared fixtures in `src/AdvisoryAI/__Tests`.
|
||||
- **Worker/queue engineer** – background processing and cache orchestration in `StellaOps.AdvisoryAI.Worker`.
|
||||
- **Docs engineer** – Advisory AI docs in `docs/advisory-ai/*`, policy/sbom/runbooks in `docs/policy`, `docs/sbom`, `docs/runbooks`.
|
||||
- **QA/Testing** – deterministic harnesses and golden/property/generative tests in `src/AdvisoryAI/__Tests`.
|
||||
- Allowed shared dirs: `StellaOps.AdvisoryAI.Hosting`, `StellaOps.Concelier.PluginBinaries` (read-only plugins), and cross-module contracts under `docs/modules/advisory-ai/*`.
|
||||
|
||||
## Testing & Determinism
|
||||
- Prefer golden/property tests with seeded randoms; fixtures live under `__Tests/Fixtures` with stable ordering.
|
||||
- Cache keys must include tenant + SBOM hash + advisory digest; avoid wall-clock time in logic—use injected clocks.
|
||||
- HTTP clients configurable via options + DI; set timeouts; no live network in unit tests (use test servers/mocks).
|
||||
- When adding APIs, update OpenAPI and ensure validation/guardrail regressions are tested.
|
||||
|
||||
## Working Agreement
|
||||
- 1. Update task status to `DOING`/`DONE` in both correspoding sprint file `/docs/implplan/SPRINT_*.md` and the local `TASKS.md` when you start or finish work.
|
||||
- 2. Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
|
||||
|
||||
Reference in New Issue
Block a user