stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity
Files
66cb6c4b8af58a33efa1521b7953dda834431497
git.stella-ops.org/src/Concelier/__Libraries/StellaOps.Concelier.Connector.Ru.Nkcki/AGENTS.md
master 66cb6c4b8a
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat: Add guild charters and task boards for various components 
- Introduced guild charters for Scanner Deno, PHP, Ruby, Native, WebService, Java, Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, UI, Zastava Observer, Zastava Webhook, Zastava Core, and Plugin Platform.
- Each charter outlines the mission, scope, required reading, and working agreements for the respective guilds.
- Created task boards for Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, and Zastava components to track progress and dependencies.
- Ensured all documents emphasize determinism, offline readiness, security, and integration with shared Surface libraries.
2025-11-01 02:21:46 +02:00

2.4 KiB
Raw Blame History

AGENTS

Role

Implement the Russian NKTsKI (formerly NKCKI) advisories connector to ingest NKTsKI vulnerability bulletins for Conceliers regional coverage.

Scope

  • Identify NKTsKI advisory feeds/APIs (HTML, RSS, CSV) and access/authentication requirements.
  • Implement fetch/cursor pipeline with dedupe and failure backoff tailored to the source format.
  • Parse advisories to extract summary, affected vendors/products, recommended mitigation, and CVE identifiers.
  • Map advisories into canonical Advisory records with aliases, references, affected packages, and range primitives.
  • Create deterministic fixtures and regression tests.

Participants

  • Source.Common (HTTP/fetch utilities, DTO storage).
  • Storage.Mongo (raw/document/DTO/advisory stores, source state).
  • Concelier.Models (canonical data structures).
  • Concelier.Testing (integration fixtures, snapshots).

Interfaces & Contracts

  • Job kinds: nkcki:fetch, nkcki:parse, nkcki:map.
  • Persist upstream modification metadata to support incremental updates.
  • Alias set should include NKTsKI advisory IDs and CVEs when present.

In/Out of scope

In scope:

  • Core ingestion/mapping pipeline with range primitives.

Out of scope:

  • Translation beyond canonical field normalisation.

Observability & Security Expectations

  • Log fetch/mapping activity; mark failures with backoff delays.
  • Handle Cyrillic text encoding and sanitise HTML safely.
  • Respect upstream rate limiting/politeness.

Tests

  • Add StellaOps.Concelier.Connector.Ru.Nkcki.Tests for fetch/parse/map with canned fixtures.
  • Snapshot canonical advisories; support fixture regeneration via env flag.
  • Ensure deterministic ordering/time normalisation.

Required Reading

  • docs/modules/concelier/architecture.md
  • docs/modules/platform/architecture-overview.md

Working Agreement

    1. Update task status to DOING/DONE in both docs/implplan/SPRINTS.md and the local TASKS.md when you start or finish work.
    1. Review this charter and the Required Reading documents before coding; confirm prerequisites are met.
    1. Keep changes deterministic (stable ordering, timestamps, hashes) and align with offline/air-gap expectations.
    1. Coordinate doc updates, tests, and cross-guild communication whenever contracts or workflows change.
    1. Revert to TODO if you pause the task without shipping changes; leave notes in commit/PR descriptions for context.