stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

up
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details

Browse Source
This commit is contained in:
StellaOps Bot
2025-11-24 09:07:40 +02:00
parent 150b3730ef
commit e6119cbe91
59 changed files with 1827 additions and 204 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
samples/linkset/lnm-22-001/README.md Normal file
View File

@@ -0,0 +1,7 @@
# SAMPLES-LNM-22-001 fixtures
Two linkset/observation pairs illustrating disagreements and investigation state.
- `observations.ndjson` — raw observations (NVD, GHSA, OSV) with evidence hashes and timestamps.
- `linksets.ndjson` — merged linkset view showing conflicts (`affected` vs `not_affected`) and a separate under-investigation case.
Determinism: sorted by vulnerabilityId then purl; timestamps in UTC; hashes are placeholders for demo use.

2
samples/linkset/lnm-22-001/linksets.ndjson Normal file
View File

@@ -0,0 +1,2 @@
{"tenant":"demo","linksetId":"CVE-2025-1000:pkg:maven/org.example/app@1.2.3","vulnerabilityId":"CVE-2025-1000","purl":"pkg:maven/org.example/app@1.2.3","statuses":["affected","not_affected"],"providers":["nvd","ghsa"],"conflicts":[{"providerId":"nvd","status":"affected"},{"providerId":"ghsa","status":"not_affected","justification":"component_not_present"}],"observations":["obs-nvd-0001","obs-ghsa-0001"],"createdAt":"2025-11-12T00:00:00Z"}
{"tenant":"demo","linksetId":"CVE-2025-2000:pkg:npm/example/app@4.5.6","vulnerabilityId":"CVE-2025-2000","purl":"pkg:npm/example/app@4.5.6","statuses":["under_investigation"],"providers":["osv"],"conflicts":[],"observations":["obs-osv-0001"],"createdAt":"2025-11-12T00:00:00Z"}

3
samples/linkset/lnm-22-001/observations.ndjson Normal file
View File

@@ -0,0 +1,3 @@
{"tenant":"demo","source":"nvd","observationId":"obs-nvd-0001","vulnerabilityId":"CVE-2025-1000","purl":"pkg:maven/org.example/app@1.2.3","status":"affected","justification":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2025-1000"],"evidenceHash":"sha256:aaa111","createdAt":"2025-11-10T00:00:00Z"}
{"tenant":"demo","source":"ghsa","observationId":"obs-ghsa-0001","vulnerabilityId":"CVE-2025-1000","purl":"pkg:maven/org.example/app@1.2.3","status":"not_affected","justification":"component_not_present","references":["https://github.com/advisories/GHSA-xxxx-xxxx"],"evidenceHash":"sha256:bbb222","createdAt":"2025-11-11T00:00:00Z"}
{"tenant":"demo","source":"osv","observationId":"obs-osv-0001","vulnerabilityId":"CVE-2025-2000","purl":"pkg:npm/example/app@4.5.6","status":"under_investigation","justification":null,"references":["https://osv.dev/GHSA-yyyy"],"evidenceHash":"sha256:ccc333","createdAt":"2025-11-12T00:00:00Z"}