StellaOps Bot 05597616d6 feat: Add Go module and workspace test fixtures
- Created expected JSON files for Go modules and workspaces.
- Added go.mod and go.sum files for example projects.
- Implemented private module structure with expected JSON output.
- Introduced vendored dependencies with corresponding expected JSON.
- Developed PostgresGraphJobStore for managing graph jobs.
- Established SQL migration scripts for graph jobs schema.
- Implemented GraphJobRepository for CRUD operations on graph jobs.
- Created IGraphJobRepository interface for repository abstraction.
- Added unit tests for GraphJobRepository to ensure functionality.
2025-12-06 20:04:03 +02:00


{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://stellaops.io/schemas/vuln-explorer.v1.json",
"title": "VulnExplorer",
"description": "Vuln Explorer domain models for vulnerability management (GRAP0101)",
"type": "object",
"$defs": {
"VulnSummary": {
"type": "object",
"description": "Summary view of a vulnerability finding",
"required": ["id", "severity", "score", "exploitability", "cveIds", "purls", "policyVersion"],
"properties": {
"id": {
"type": "string",
"description": "Unique finding identifier"
},
"severity": {
"$ref": "#/$defs/Severity"
},
"score": {
"type": "number",
"minimum": 0,
"maximum": 10,
"description": "Numeric score on a 0-10 scale: a CVSS base score or a policy-derived risk score on the same scale"
},
"kev": {
"type": "boolean",
"description": "Whether the finding is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog"
},
"exploitability": {
"$ref": "#/$defs/Exploitability"
},
"fixAvailable": {
"type": "boolean",
"description": "Whether a fixed version or patch is available for the affected package(s)"
},
"cveIds": {
"type": "array",
"items": {"type": "string"},
"description": "Associated CVE identifiers (e.g. CVE-2024-1234)"
},
"purls": {
"type": "array",
"items": {"type": "string"},
"description": "Affected package URLs (purl syntax, e.g. pkg:npm/lodash@4.17.20)"
},
"policyVersion": {
"type": "string",
"description": "Version of the policy under which this finding's severity, score and exploitability were determined"
},
"rationaleId": {
"type": "string",
"description": "Identifier of the PolicyRationale explaining the determination (expanded as VulnDetail.rationale)"
}
}
},
"VulnDetail": {
"type": "object",
"description": "Detailed view of a vulnerability finding",
"required": ["id", "severity", "score", "exploitability", "cveIds", "purls", "summary", "policyVersion", "firstSeen", "lastSeen"],
"properties": {
"id": {"type": "string"},
"severity": {"$ref": "#/$defs/Severity"},
"score": {"type": "number", "minimum": 0, "maximum": 10},
"kev": {"type": "boolean"},
"exploitability": {"$ref": "#/$defs/Exploitability"},
"fixAvailable": {"type": "boolean"},
"cveIds": {
"type": "array",
"items": {"type": "string"}
},
"purls": {
"type": "array",
"items": {"type": "string"}
},
"summary": {
"type": "string",
"description": "Human-readable vulnerability description"
},
"affectedPackages": {
"type": "array",
"items": {"$ref": "#/$defs/PackageAffect"}
},
"advisoryRefs": {
"type": "array",
"items": {"$ref": "#/$defs/AdvisoryRef"}
},
"rationale": {
"$ref": "#/$defs/PolicyRationale"
},
"paths": {
"type": "array",
"items": {"type": "string"},
"description": "Dependency chains leading to the vulnerable component, one path per entry"
},
"evidence": {
"type": "array",
"items": {"$ref": "#/$defs/EvidenceRef"}
},
"firstSeen": {
"type": "string",
"format": "date-time"
},
"lastSeen": {
"type": "string",
"format": "date-time"
},
"policyVersion": {"type": "string"},
"rationaleId": {"type": "string"},
"provenance": {"$ref": "#/$defs/EvidenceProvenance"}
}
},
"Severity": {
"type": "string",
"enum": ["critical", "high", "medium", "low", "informational", "unknown"]
},
"Exploitability": {
"type": "string",
"description": "Exploitability assessment, ordered from most to least concerning: active, poc, theoretical, unlikely, none; unknown when no assessment is available",
"enum": ["active", "poc", "theoretical", "unlikely", "none", "unknown"]
},
"PackageAffect": {
"type": "object",
"required": ["purl"],
"properties": {
"purl": {
"type": "string",
"description": "Package URL (purl) of the affected package"
},
"versions": {
"type": "array",
"items": {"type": "string"},
"description": "Affected version ranges as free-form strings; the range syntax is not constrained by this schema, so consumers must not assume a particular format"
}
}
},
"AdvisoryRef": {
"type": "object",
"required": ["url", "title"],
"properties": {
"url": {
"type": "string",
"format": "uri"
},
"title": {
"type": "string"
}
}
},
"PolicyRationale": {
"type": "object",
"required": ["id", "summary"],
"properties": {
"id": {"type": "string"},
"summary": {"type": "string"}
}
},
"EvidenceRef": {
"type": "object",
"required": ["kind", "reference"],
"properties": {
"kind": {
"type": "string",
"description": "Type of evidence backing the finding (e.g. sbom, vex, scan, reachability); not a closed enum, so consumers must tolerate unknown kinds",
"examples": ["sbom", "vex", "scan", "reachability"]
},
"reference": {
"type": "string",
"description": "URI or identifier that resolves to the evidence artifact"
},
"title": {
"type": "string"
}
}
},
"EvidenceProvenance": {
"type": "object",
"required": ["ledgerEntryId", "evidenceBundleId"],
"properties": {
"ledgerEntryId": {
"type": "string",
"description": "Identifier of the findings-ledger entry from which this finding was projected"
},
"evidenceBundleId": {
"type": "string",
"description": "Identifier of the evidence bundle that backs this finding"
}
}
},
"VulnListResponse": {
"type": "object",
"required": ["items"],
"properties": {
"items": {
"type": "array",
"items": {"$ref": "#/$defs/VulnSummary"}
},
"nextPageToken": {
"type": "string",
"description": "Opaque continuation token to pass as VulnFilter.pageToken to fetch the next page; clients must not parse or construct it"
}
}
},
"VulnFilter": {
"type": "object",
"description": "Query filters for vulnerability listing",
"properties": {
"policyVersion": {"type": "string"},
"pageSize": {
"type": "integer",
"minimum": 1,
"maximum": 100,
"default": 20
},
"pageToken": {"type": "string"},
"cve": {
"type": "string",
"description": "Filter by CVE identifier (e.g. CVE-2024-1234)"
},
"purl": {
"type": "string",
"description": "Filter by package URL (purl)"
},
"severity": {"$ref": "#/$defs/Severity"},
"exploitability": {"$ref": "#/$defs/Exploitability"},
"fixAvailable": {"type": "boolean"}
}
},
"FindingProjection": {
"type": "object",
"description": "Read model projected from the findings ledger for one finding, scoped by tenantId and policyVersion",
"required": ["tenantId", "findingId", "policyVersion", "status", "updatedAt"],
"properties": {
"tenantId": {"type": "string"},
"findingId": {"type": "string"},
"policyVersion": {"type": "string"},
"status": {
"type": "string",
"enum": ["open", "resolved", "suppressed", "false_positive"]
},
"severity": {
"type": "number",
"minimum": 0,
"maximum": 10
},
"riskScore": {
"type": "number",
"minimum": 0,
"maximum": 1
},
"riskSeverity": {"$ref": "#/$defs/Severity"},
"riskProfileVersion": {"type": "string"},
"riskExplanationId": {
"type": "string",
"format": "uuid"
},
"labels": {
"type": "object",
"additionalProperties": {"type": "string"}
},
"currentEventId": {
"type": "string",
"format": "uuid"
},
"explainRef": {"type": "string"},
"policyRationale": {
"type": "array",
"items": {"type": "object"}
},
"updatedAt": {
"type": "string",
"format": "date-time"
},
"cycleHash": {"type": "string"}
}
},
"FindingHistoryEntry": {
"type": "object",
"required": ["tenantId", "findingId", "policyVersion", "eventId", "status", "actorId", "occurredAt"],
"properties": {
"tenantId": {"type": "string"},
"findingId": {"type": "string"},
"policyVersion": {"type": "string"},
"eventId": {
"type": "string",
"format": "uuid"
},
"status": {"type": "string"},
"severity": {"type": "number"},
"actorId": {"type": "string"},
"comment": {"type": "string"},
"occurredAt": {
"type": "string",
"format": "date-time"
}
}
}
},
"examples": [
{
"id": "finding-001",
"severity": "high",
"score": 7.5,
"kev": true,
"exploitability": "active",
"fixAvailable": true,
"cveIds": ["CVE-2024-1234"],
"purls": ["pkg:npm/lodash@4.17.20"],
"policyVersion": "2025.12.1",
"rationaleId": "rat-001"
}
]
}