# Sprint 115 - Ingestion & Evidence ยท 110.B) Concelier.IV Active items only. Completed/historic work now resides in docs/implplan/archived/tasks.md (updated 2025-11-08). [Ingestion & Evidence] 110.B) Concelier.IV Depends on: Sprint 110.B - Concelier.III Summary: Ingestion & Evidence focus on Concelier (phase IV). Task ID | State | Task description | Owners (Source) --- | --- | --- | --- CONCELIER-POLICY-20-002 `Linkset enrichment for policy` | TODO | Expand linkset builders with vendor-specific equivalence tables, NEVRA/PURL normalization, and version-range parsing so policy joins become more accurate without Concelier prioritizing sources. Depends on CONCELIER-POLICY-20-001. | Concelier Core Guild, Policy Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) CONCELIER-POLICY-20-003 `Selection cursors` | TODO | Introduce advisory selection cursors + change-stream checkpoints that let Policy Engine process deltas deterministically; include offline migration scripts. Depends on CONCELIER-POLICY-20-002. | Concelier Storage Guild (src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo) CONCELIER-POLICY-23-001 `Evidence indexes` | TODO | Add secondary indexes/materialized views (alias, provider severity, correlation confidence) so policy lookups stay fast without caching derived verdicts; document the supported query patterns. Depends on CONCELIER-POLICY-20-003. | Concelier Core Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) CONCELIER-POLICY-23-002 `Event guarantees` | TODO | Ensure `advisory.linkset.updated` events ship with idempotent IDs, confidence summaries, and tenant metadata so policy consumers can replay evidence feeds safely. Depends on CONCELIER-POLICY-23-001. | Concelier Core Guild, Platform Events Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) CONCELIER-RISK-66-001 `CVSS/KEV providers` | TODO | Surface vendor-provided CVSS/KEV/fix data exactly as published (with provenance anchors) through provider APIs so risk engines can reason about upstream intent. | Concelier Core Guild, Risk Engine Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) CONCELIER-RISK-66-002 `Fix availability signals` | TODO | Emit structured fix-availability metadata per observation/linkset (release version, advisory link, evidence timestamp) without guessing exploitability. Depends on CONCELIER-RISK-66-001. | Concelier Core Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) CONCELIER-RISK-67-001 `Source coverage metrics` | TODO | Publish per-source coverage/conflict metrics (counts, disagreements) so explainers can cite which upstream statements exist; no weighting is applied inside Concelier. Depends on CONCELIER-RISK-66-001. | Concelier Core Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) CONCELIER-RISK-68-001 `Policy Studio integration` | TODO | Wire advisory signal pickers into Policy Studio so curators can select which raw advisory fields feed policy gating; validation must confirm fields are provenance-backed. Depends on POLICY-RISK-68-001. | Concelier Core Guild, Policy Studio Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) CONCELIER-RISK-69-001 `Notification hooks` | TODO | Emit notifications when upstream advisory fields change (e.g., fix available) with observation IDs + provenance so Notifications service can alert without inferring severity. Depends on CONCELIER-RISK-66-002. | Concelier Core Guild, Notifications Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) CONCELIER-SIG-26-001 `Vulnerable symbol exposure` | TODO | Expose upstream-provided affected symbol/function lists via APIs to help reachability scoring; maintain provenance and do not infer exploitability. Depends on SIGNALS-24-002. | Concelier Core Guild, Signals Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) CONCELIER-STORE-AOC-19-005 `Raw linkset backfill` | TODO (2025-11-04) | Execute the raw-linkset backfill/rollback plan (`docs/dev/raw-linkset-backfill-plan.md`) so Mongo + Offline Kit bundles reflect Link-Not-Merge data; rehearse rollback. Depends on CONCELIER-CORE-AOC-19-004. | Concelier Storage Guild, DevOps Guild (src/Concelier/__Libraries/StellaOps.Concelier.Storage.Mongo) CONCELIER-TEN-48-001 `Tenant-aware linking` | TODO | Enforce tenant scoping throughout normalization/linking, expose capability endpoint advertising `merge=false`, and ensure events include tenant IDs. Depends on AUTH-TEN-47-001. | Concelier Core Guild (src/Concelier/__Libraries/StellaOps.Concelier.Core) CONCELIER-VEXLENS-30-001 `Advisory rationale bridges` | TODO | Guarantee advisory key consistency and cross-links consumed by VEX Lens so consensus explanations can cite Concelier evidence without requesting merges. Depends on CONCELIER-VULN-29-001, VEXLENS-30-005. | Concelier WebService Guild, VEX Lens Guild (src/Concelier/StellaOps.Concelier.WebService)