24 lines
1.4 KiB
Markdown
24 lines
1.4 KiB
Markdown
# AGENTS
|
|
## Role
|
|
Normalize CSAF VEX profile documents into Vexer claims and provide CSAF export adapters.
|
|
## Scope
|
|
- CSAF ingestion helpers: provider metadata parsing, document revision handling, vulnerability/action mappings.
|
|
- Normalizer implementation fulfilling `INormalizer` for CSAF sources (Red Hat, Cisco, SUSE, MSRC, Oracle, Ubuntu).
|
|
- Export adapters producing CSAF-compliant output slices from consensus data.
|
|
- Schema/version compatibility checks (CSAF 2.0 profile validation).
|
|
## Participants
|
|
- Connectors deliver raw CSAF documents to this module for normalization.
|
|
- Export module leverages adapters when producing CSAF exports.
|
|
- Policy engine consumes normalized justification/status fields for gating.
|
|
## Interfaces & contracts
|
|
- Parser/normalizer classes, helper utilities for `product_tree`, `vulnerabilities`, and `notes`.
|
|
- Export writer interfaces for per-provider/per-product CSAF packaging.
|
|
## In/Out of scope
|
|
In: CSAF parsing/normalization/export, schema validation, mapping to canonical claims.
|
|
Out: HTTP fetching (connectors), storage persistence, attestation logic.
|
|
## Observability & security expectations
|
|
- Emit structured diagnostics when CSAF documents fail schema validation, including source URI and revision.
|
|
- Provide counters for normalization outcomes (status distribution, justification coverage).
|
|
## Tests
|
|
- Fixture-driven parsing/export tests will live in `../StellaOps.Vexer.Formats.CSAF.Tests` using real CSAF samples.
|