30 lines
4.0 KiB
JSON
30 lines
4.0 KiB
JSON
{
|
|
"_meta": { "locale": "en-US", "namespace": "vulnexplorer", "version": "1.0" },
|
|
|
|
"vulnexplorer.vuln.list_description": "Returns a paginated list of vulnerability summaries for the tenant, optionally filtered by CVE IDs, PURLs, severity levels, exploitability, and fix availability. Results are ordered by score descending then ID ascending. Requires x-stella-tenant header.",
|
|
"vulnexplorer.vuln.get_description": "Returns the full vulnerability detail record for a specific vulnerability ID including CVE IDs, affected components, severity score, exploitability assessment, and fix availability. Returns 404 if not found. Requires x-stella-tenant header.",
|
|
|
|
"vulnexplorer.vex_decision.create_description": "Creates a new VEX decision record for a vulnerability and subject artifact, recording the analyst verdict, justification, and optional attestation options. Optionally creates a signed VEX attestation if attestationOptions.createAttestation is true. Returns 201 Created with the VEX decision. Requires x-stella-tenant, x-stella-user-id, and x-stella-user-name headers.",
|
|
"vulnexplorer.vex_decision.update_description": "Partially updates an existing VEX decision record by ID, allowing the analyst to revise the status, justification, or other mutable fields. Returns 200 with the updated decision or 404 if the decision is not found. Requires x-stella-tenant header.",
|
|
"vulnexplorer.vex_decision.list_description": "Returns a paginated list of VEX decisions for the tenant, optionally filtered by vulnerability ID, subject artifact name, and decision status. Results are returned in stable order with a page token for continuation. Requires x-stella-tenant header.",
|
|
"vulnexplorer.vex_decision.get_description": "Returns the full VEX decision record for a specific decision ID including vulnerability reference, subject artifact, analyst verdict, justification, timestamps, and attestation reference if present. Returns 404 if the decision is not found. Requires x-stella-tenant header.",
|
|
|
|
"vulnexplorer.evidence_subgraph.get_description": "Returns the evidence subgraph for a specific vulnerability ID, linking together all related VEX decisions, fix verifications, audit bundles, and attestations that form the traceability chain for the vulnerability disposition. Requires x-stella-tenant header.",
|
|
|
|
"vulnexplorer.fix_verification.create_description": "Creates a new fix verification record linking a CVE ID to a component PURL to track the verification status of an applied fix. Returns 201 Created with the verification record. Requires x-stella-tenant header and both cveId and componentPurl in the request body.",
|
|
"vulnexplorer.fix_verification.update_description": "Updates the verdict for an existing fix verification record, recording the confirmed verification outcome for a CVE fix. Returns 200 with the updated record or 404 if the fix verification is not found. Requires x-stella-tenant header and verdict in the request body.",
|
|
|
|
"vulnexplorer.audit_bundle.create_description": "Creates an immutable audit bundle aggregating a set of VEX decisions by their IDs into a single exportable evidence record for compliance and audit purposes. Returns 201 Created with the bundle ID and included decisions. Returns 404 if none of the requested decision IDs are found. Requires x-stella-tenant header.",
|
|
|
|
"vulnexplorer.error.tenant_required": "x-stella-tenant required",
|
|
"vulnexplorer.error.vulnerability_id_required": "vulnerabilityId is required",
|
|
"vulnexplorer.error.subject_required": "subject is required",
|
|
"vulnexplorer.error.vuln_id_required": "vulnId is required",
|
|
"vulnexplorer.error.cve_id_and_purl_required": "cveId and componentPurl are required",
|
|
"vulnexplorer.error.verdict_required": "verdict is required",
|
|
"vulnexplorer.error.decision_ids_required": "decisionIds is required",
|
|
"vulnexplorer.error.no_decisions_found": "No decisions found for requested decisionIds",
|
|
"vulnexplorer.error.vex_decision_not_found": "VEX decision {0} not found",
|
|
"vulnexplorer.error.fix_verification_not_found": "Fix verification {0} not found"
|
|
}
|