stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
6524626230f41b6106f43da7c21ae8a3b9f843b3
git.stella-ops.org/src/StellaOps.Concelier.Connector.Vndr.Chromium/AGENTS.md

2.2 KiB
Raw Blame History

AGENTS

Role

Chromium/Chrome vendor feed connector parsing Stable Channel Update posts; authoritative vendor context for Chrome/Chromium versions and CVE lists; maps fixed versions as affected ranges.

Scope

  • Crawl Chrome Releases blog list; window by publish date; fetch detail posts; identify "Stable Channel Update" and security fix sections.
  • Validate HTML; extract version trains, platform notes (Windows/macOS/Linux/Android), CVEs, acknowledgements; map fixed versions.
  • Persist raw docs and maintain source_state cursor; idempotent mapping.

Participants

  • Source.Common (HTTP, HTML helpers, validators).
  • Storage.Mongo (document, dto, advisory, alias, affected, reference, psirt_flags, source_state).
  • Models (canonical; affected ranges by product/version).
  • Core/WebService (jobs: source:chromium:fetch|parse|map).
  • Merge engine (later) to respect vendor PSIRT precedence for Chrome.

Interfaces & contracts

  • Aliases: CHROMIUM-POST: plus CVE ids.
  • Affected: Vendor=Google, Product=Chrome/Chromium (platform tags), Type=vendor; Versions indicate introduced? (often unknown) and fixed (for example 127.0.6533.88); tags mark platforms.
  • References: advisory (post URL), release notes, bug links; kind set appropriately.
  • Provenance: method=parser; value=post slug; recordedAt=fetch time.

In/Out of scope

In: vendor advisory mapping, fixed version emission per platform, psirt_flags vendor context. Out: OS distro packaging semantics; bug bounty details beyond references.

Observability & security expectations

  • Metrics: SourceDiagnostics exports the shared concelier.source.http.* counters/histograms tagged concelier.source=chromium, enabling dashboards to observe fetch volumes, parse failures, and map affected counts via tag filters.
  • Logs: post slugs, version extracted, platform coverage, timing; allowlist blog host.

Tests

  • Author and review coverage in ../StellaOps.Concelier.Connector.Vndr.Chromium.Tests.
  • Shared fixtures (e.g., MongoIntegrationFixture, ConnectorTestHarness) live in ../StellaOps.Concelier.Testing.
  • Keep fixtures deterministic; match new cases to real-world advisories or regression scenarios.