docs: add parity prep templates for vuln and scheduler

2025-12-06 09:35:39 +00:00
parent 79d562ea5d
commit ba733b9f69
2 changed files with 46 additions and 0 deletions
--- a/docs/db/reports/vuln-parity-sbom-sample-20251209.md
+++ b/docs/db/reports/vuln-parity-sbom-sample-20251209.md
@@ -0,0 +1,23 @@
+# SBOM & Advisory Sample List · Vulnerability Parity · 2025-12-09
+
+Use this list for PG-T5b.3–5b.4 parity runs (Mongo vs Postgres). Keep counts deterministic and freeze inputs once finalized.
+
+## Advisory sample (10k advisories)
+- Source selection: e.g., NVD 2025-08 snapshot, OSV 2025-09, vendor feeds.
+- Selection method: deterministic (sorted by source + advisory key); document exact query.
+- Export path: <populate>
+- SHA256 of export: <populate>
+
+## SBOM sample set
+| # | SBOM path | Ecosystem | Size | Hash (SHA256) | Notes |
+|---|-----------|-----------|------|---------------|-------|
+| 1 | <populate> | | | | |
+| 2 | <populate> | | | | |
+| 3 | <populate> | | | | |
+| 4 | <populate> | | | | |
+| 5 | <populate> | | | | |
+
+## Determinism guardrails
+- Do not change sample set after hashes recorded.
+- Store exports under `docs/db/reports/assets/vuln-parity-20251211/` with hash manifest.
+