stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
49922dff5ad4435420dac177e832ba4290ceaea9
git.stella-ops.org/docs/advisories/explorer-integration.md
StellaOps Bot 579236bfce
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
Add MongoDB storage library and update acceptance tests with deterministic stubs 
- Created StellaOps.Notify.Storage.Mongo project with initial configuration.
- Added expected output files for acceptance tests (at1.txt to at10.txt).
- Added fixture input files for acceptance tests (at1 to at10).
- Created input and signature files for test cases fc1 to fc5.
2025-12-05 22:56:01 +02:00

877 B
Raw Blame History

Advisories Integration with Vuln Explorer (Md.XI draft)

Status: DRAFT — waiting on export bundle spec + provenance notes; keep TODO.

Scope

  • Describe advisory normalization, withdrawn handling, provenance, and export bundle linkage for Vuln Explorer.
  • Deterministic examples with hashes in docs/assets/vuln-explorer/SHA256SUMS.

Dependencies

  • Export bundle spec/provenance notes (in progress).
  • GRAP0101 identifiers.

Outline

  • Advisory ingestion flow and key normalization.
  • Withdrawn/updated advisory handling.
  • Provenance: DSSE/Rekor optional; bundle manifests.
  • Cross-links to findings ledger and VEX decisions.

Hash Capture Checklist (when spec arrives)

  • assets/vuln-explorer/advisory-normalized.json
  • assets/vuln-explorer/advisory-withdrawn.json
  • assets/vuln-explorer/advisory-bundle-manifest.json

Last updated: 2025-12-05 (UTC)