stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 12 Releases Wiki Activity
Files
6bee1fdcf58fe6c2fd8dae6201f5f71eb504710f
git.stella-ops.org/docs/modules/cli/guides/commands/advisory.md
StellaOps Bot 6bee1fdcf5
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
Docs CI / lint-and-preview (push) Has been cancelled
Details
work
2025-11-25 08:01:23 +02:00

1.2 KiB
Raw Blame History

stella advisory — Command Guide

Commands

  • stella advisory list --source <provider> [--status <status>] [--output json|ndjson|table] [--offline]
  • stella advisory get --id <advisoryId> [--output json|table] [--offline]
  • stella advisory export --bundle <path> [--offline]

Flags (common)

  • --offline: pull from cached advisory snapshots/mirror bundles only; exit code 5 if remote needed.
  • --source: provider filter (msrc, nvd, osv, csaf, etc.).
  • --status: affected, fixed, not_affected, withdrawn, disputed.
  • --output: json (default), ndjson, table.

Inputs/outputs

  • Inputs: Concelier/Excititor advisory projections; cached mirror bundles when offline.
  • Outputs: raw evidence with provenance (observationId, linksetId, signatures); no merging/inference.
  • Exit codes per output-and-exit-codes.md; not found → 4, offline violation → 5.

Determinism rules

  • Sorted by advisory key; withdrawn/duplicate handling matches upstream evidence; no severity inference.
  • Timestamps UTC; hashes lowercase hex.

Offline/air-gap notes

  • Mirror bundles must be preloaded for offline use; CLI verifies signatures against trust roots.
  • Export uses local evidence only; produces deterministic bundle with manifest + checksums.