stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
8dc7273e272389ac700972aa782e23cfbbcf4e85
git.stella-ops.org/src/StellaOps.Concelier.Connector.Cve/TASKS.md
master 052da7a7d0 Rename Concelier Source modules to Connector
2025-10-18 20:47:13 +03:00

2.5 KiB
Raw Blame History

TASKS

Task Owner(s) Depends on Notes
Define CVE data source + contract BE-Conn-CVE Research DONE (2025-10-10) Connector targets the CVE Services JSON 5 API with authenticated windowed queries documented in CveOptions (CVE-API-* headers, pagination semantics, failure backoff).
Fetch/cursor implementation BE-Conn-CVE Source.Common, Storage.Mongo DONE (2025-10-10) Time-window + page-aware cursor with SourceFetchService fetching list/detail pairs, resumable state persisted via CveCursor.
DTOs & parser BE-Conn-CVE Source.Common DONE (2025-10-10) CveRecordParser and DTOs capture aliases, references, metrics, vendor ranges; sanitises text and timestamps.
Canonical mapping & range primitives BE-Conn-CVE Models DONE (2025-10-10) CveMapper emits canonical advisories, vendor range primitives, SemVer/range statuses, references, CVSS normalization.
2025-10-11 research trail: confirm subsequent MR adds NormalizedVersions shaped like [{"scheme":"semver","type":"range","min":"<min>","minInclusive":true,"max":"<max>","maxInclusive":false,"notes":"nvd:CVE-2025-XXXX"}] so storage provenance joins continue to work.
Deterministic tests & fixtures QA Testing DONE (2025-10-10) Added StellaOps.Concelier.Connector.Cve.Tests harness with canned fixtures + snapshot regression covering fetch/parse/map.
Observability & docs DevEx Docs DONE (2025-10-10) Diagnostics meter (cve.fetch.*, etc.) wired; options/usage documented via CveServiceCollectionExtensions.
Operator rollout playbook BE-Conn-CVE, Ops Docs DONE (2025-10-12) Refreshed docs/ops/concelier-cve-kev-operations.md with credential checklist, smoke book, PromQL guardrails, and linked Grafana pack (docs/ops/concelier-cve-kev-grafana-dashboard.json).
Live smoke & monitoring QA, BE-Conn-CVE WebService, Observability DONE (2025-10-15) Executed connector harness smoke using CVE Services sample window (CVE-2024-0001), confirmed fetch/parse/map telemetry (cve.fetch.*, cve.map.success) all incremented once, and archived the summary log + Grafana import guidance in docs/ops/concelier-cve-kev-operations.md (“Staging smoke 2025-10-15”).
FEEDCONN-CVE-02-003 Normalized versions rollout BE-Conn-CVE Models FEEDMODELS-SCHEMA-01-003, Normalization playbook DONE (2025-10-12) Confirmed SemVer primitives map to normalized rules with cve:{cveId}:{identifier} notes and refreshed snapshots; dotnet test src/StellaOps.Concelier.Connector.Cve.Tests passes on net10 preview.