stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

Restructure solution layout by module

Browse Source
This commit is contained in:
master
2025-10-28 15:10:40 +02:00
parent 95daa159c4
commit d870da18ce
4103 changed files with 192899 additions and 187024 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/Concelier/__Libraries/StellaOps.Concelier.Connector.CertIn/AGENTS.md Normal file
View File

@@ -0,0 +1,28 @@
# AGENTS
## Role
CERT-In national CERT connector; enrichment advisories for India; maps CVE lists, advisory text, mitigations, and references; non-authoritative for package ranges unless explicit evidence is present.
## Scope
- Discover and fetch advisories from the CERT-In portal; window by advisory code/date; follow detail pages.
- Validate HTML or JSON; extract title, summary, CVEs, affected vendor names, mitigations; map references; normalize dates and IDs.
- Persist raw docs and maintain source_state cursor; idempotent mapping.
## Participants
- Source.Common (HTTP, HTML parsing, normalization, validators).
- Storage.Mongo (document, dto, advisory, alias, reference, source_state).
- Models (canonical).
- Core/WebService (jobs: source:certin:fetch|parse|map).
- Merge engine treats CERT-In as enrichment (no override of PSIRT or OVAL without concrete ranges).
## Interfaces & contracts
- Aliases: advisory code if stable (scheme "CERT-IN") and CVE ids; if code is not stable, store as reference only.
- References typed: bulletin/advisory/vendor/mitigation; deduped.
- Affected omitted unless CERT-In publishes explicit version or fix details.
- Provenance: method=parser; value=advisory code or URL; recordedAt.
## In/Out of scope
In: enrichment, aliasing where stable, references, mitigation text.
Out: package range authority; scraping behind auth walls.
## Observability & security expectations
- Metrics: shared `concelier.source.http.*` counters/histograms from SourceDiagnostics tagged `concelier.source=certin` capture fetch volume, parse failures, and map enrich counts.
- Logs: advisory codes, CVE counts per advisory, timing; allowlist host; redact personal data if present.
## Tests
- Author and review coverage in `../StellaOps.Concelier.Connector.CertIn.Tests`.
- Shared fixtures (e.g., `MongoIntegrationFixture`, `ConnectorTestHarness`) live in `../StellaOps.Concelier.Testing`.
- Keep fixtures deterministic; match new cases to real-world advisories or regression scenarios.