stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
6524626230f41b6106f43da7c21ae8a3b9f843b3
git.stella-ops.org/src/StellaOps.Concelier.Connector.Nvd/TASKS.md

3.2 KiB
Raw Blame History

TASKS

Task Owner(s) Depends on Notes
Fetch job with sliding modified windows BE-Conn-Nvd Source.Common DONE windowed fetch implemented with overlap and raw doc persistence.
DTO schema + validation BE-Conn-Nvd Source.Common DONE schema validator enforced before DTO persistence.
Mapper to canonical model BE-Conn-Nvd Models DONE NvdMapper populates CVSS/CWE/CPE data.
2025-10-11 research trail: upcoming normalized rules must serialize as [{"scheme":"semver","type":"range","min":"<floor>","minInclusive":true,"max":"<ceiling>","maxInclusive":false,"notes":"nvd:CVE-2025-XXXX"}]; keep notes consistent with CVE IDs for provenance joins.
Watermark repo usage BE-Conn-Nvd Storage.Mongo DONE cursor tracks windowStart/windowEnd and updates SourceState.
Integration test fixture isolation QA Storage.Mongo DONE connector tests reset Mongo/time fixtures between runs to avoid cross-test bleed.
Tests: golden pages + resume QA Tests DONE snapshot and resume coverage added across NvdConnectorTests.
Observability BE-Conn-Nvd Core DONE NvdDiagnostics meter tracks attempts/documents/failures with collector tests.
Change history snapshotting BE-Conn-Nvd Storage.Mongo DONE connector now records per-CVE snapshots with top-level diff metadata whenever canonical advisories change.
Pagination for windows over page limit BE-Conn-Nvd Source.Common DONE additional page fetcher honors startIndex; covered by multipage tests.
Schema validation quarantine path BE-Conn-Nvd Storage.Mongo DONE schema failures mark documents failed and metrics assert quarantine.
FEEDCONN-NVD-04-002 Conflict regression fixtures BE-Conn-Nvd, QA Merge FEEDMERGE-ENGINE-04-001 DONE (2025-10-12) Published conflict-nvd.canonical.json + mapper test; includes CVSS 3.1 + CWE reference and normalized CPE range feeding the conflict triple. Validation: dotnet test src/StellaOps.Concelier.Connector.Nvd.Tests/StellaOps.Concelier.Connector.Nvd.Tests.csproj --filter NvdConflictFixtureTests.
FEEDCONN-NVD-02-004 NVD CVSS & CWE precedence payloads BE-Conn-Nvd Models FEEDMODELS-SCHEMA-01-002 DONE (2025-10-11) CVSS metrics now carry provenance masks, CWE weaknesses emit normalized references, and fixtures cover the additional precedence data.
FEEDCONN-NVD-02-005 NVD merge/export parity regression BE-Conn-Nvd, BE-Merge Merge FEEDMERGE-ENGINE-04-003 DONE (2025-10-12) Canonical merge parity fixtures captured, regression test validates credit/reference union, and exporter snapshot check guarantees parity through JSON exports.
FEEDCONN-NVD-02-002 Normalized versions rollout BE-Conn-Nvd Models FEEDMODELS-SCHEMA-01-003, Normalization playbook DONE (2025-10-11) SemVer primitives + normalized rules emitting for parseable ranges, fixtures/tests refreshed, coordination pinged via FEEDMERGE-COORD-02-900.
FEEDCONN-NVD-04-003 Description/CWE/metric parity rollout BE-Conn-Nvd Models, Core DONE (2025-10-15) Mapper now surfaces normalized description text, CWE weaknesses, and canonical CVSS metric id. Snapshots (conflict-nvd.canonical.json) refreshed and completion relayed to Merge coordination.