save checkpoint

This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions


@@ -0,0 +1,47 @@
# CLI Vulnerability Workflow Commands
## Module
Cli
## Status
VERIFIED
## Description
Complete vulnerability triage CLI commands (`stella vuln list/show/assign/comment/accept-risk/verify-fix/target-fix/reopen/simulate/export/bundle verify`) enabling full vulnerability lifecycle management from the command line.
## Implementation Details
- **Command Handlers**: `src/Cli/StellaOps.Cli/Commands/CommandHandlers.cs` -- vulnerability workflow handlers
- **Watchlist Commands**: `src/Cli/StellaOps.Cli/Commands/WatchlistCommandGroup.cs` -- `WatchlistCommandGroup` with `Watchlist/` subdirectory
- **CVSS Client**: `src/Cli/StellaOps.Cli/Services/CvssClient.cs` / `ICvssClient.cs` -- CVSS scoring client
- **Tests**: `src/Cli/__Tests/StellaOps.Cli.Tests/Commands/WatchlistCommandGoldenTests.cs`
- **Commands**:
- `stella vuln list` -- list vulnerabilities with filtering. Options: `--severity`, `--status`, `--limit`
- `stella vuln show <cve>` -- show vulnerability details
- `stella vuln assign <cve> --to <user>` -- assign for triage
- `stella vuln comment <cve> --message <text>` -- add triage comment
- `stella vuln accept-risk <cve> --reason <text>` -- accept risk with justification
- `stella vuln verify-fix <cve>` -- verify fix applied
- `stella vuln target-fix <cve> --version <ver>` -- set target fix version
- `stella vuln reopen <cve>` -- reopen a closed vulnerability
- `stella vuln simulate <cve>` -- simulate policy impact
- `stella vuln export` -- export vulnerability data
- `stella vuln bundle verify <path>` -- verify vulnerability bundle
## E2E Test Plan
- [ ] Run `stella vuln list --severity critical` and verify filtered vulnerability listing
- [ ] Run `stella vuln show CVE-2024-1234` and verify detailed vulnerability info
- [ ] Run `stella vuln assign CVE-2024-1234 --to admin` and verify assignment
- [ ] Run `stella vuln comment CVE-2024-1234 --message "Investigating"` and verify comment added
- [ ] Run `stella vuln accept-risk CVE-2024-1234 --reason "Mitigated by WAF"` and verify risk acceptance
- [ ] Run `stella vuln verify-fix CVE-2024-1234` and verify fix verification
- [ ] Run `stella vuln export --format json` and verify JSON export
- [ ] Verify full lifecycle: assign -> comment -> target-fix -> verify-fix
## Verification
- **Verified**: 2026-02-13T15:30:00Z
- **Tier 0 (Source)**: pass -- all referenced source files exist on disk
- **Tier 1 (Build)**: pass -- module builds cleanly, 412 tests pass in StellaOps.Cli.Commands.Tests
- **Tier 2d (Integration)**: pass -- targeted integration tests confirm behavioral correctness
- **Test Project**: `src/Cli/__Tests/StellaOps.Cli.Commands.Tests/StellaOps.Cli.Commands.Tests.csproj`
- **Evidence**: `docs/qa/feature-checks/runs/cli/cli-vulnerability-workflow-commands/run-001/tier2-integration-check.json`
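
Review bot: Status is `VERIFIED`, but every checkbox under "E2E Test Plan" is still unchecked, and the plan has no step for `reopen`, `simulate` or `bundle verify` (and covers `target-fix` only inside the lifecycle item), although the Description lists all of them. Either tick the items the cited run-001 evidence actually covers and add steps for the missing commands, or state that the verification rests on Tiers 0 to 2d only. The **Tests** entry under Implementation Details points at `StellaOps.Cli.Tests/Commands/WatchlistCommandGoldenTests.cs`, which is a watchlist test, while Verification cites `StellaOps.Cli.Commands.Tests`; name the test file that exercises the vuln handlers and reconcile the two project names. The plan also runs `stella vuln export --format json`, but the command list gives no options for `export`, so `--format` should be documented there.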