git.stella-ops.org/src/StellaOps.Feedser.Source.Ru.Nkcki/AGENTS.md

AGENTS

Role

Implement the Russian NKTsKI (formerly NKCKI) advisories connector to ingest NKTsKI vulnerability bulletins for Feedser’s regional coverage.

Scope

• Identify NKTsKI advisory feeds/APIs (HTML, RSS, CSV) and access/authentication requirements.
• Implement fetch/cursor pipeline with dedupe and failure backoff tailored to the source format.
• Parse advisories to extract summary, affected vendors/products, recommended mitigation, and CVE identifiers.
• Map advisories into canonical Advisory records with aliases, references, affected packages, and range primitives.
• Create deterministic fixtures and regression tests.

Participants

• Source.Common (HTTP/fetch utilities, DTO storage).
• Storage.Mongo (raw/document/DTO/advisory stores, source state).
• Feedser.Models (canonical data structures).
• Feedser.Testing (integration fixtures, snapshots).

Interfaces & Contracts

• Job kinds: nkcki:fetch, nkcki:parse, nkcki:map.
• Persist upstream modification metadata to support incremental updates.
• Alias set should include NKTsKI advisory IDs and CVEs when present.

In/Out of scope

In scope:

• Core ingestion/mapping pipeline with range primitives.

Out of scope:

• Translation beyond canonical field normalisation.

Observability & Security Expectations

• Log fetch/mapping activity; mark failures with backoff delays.
• Handle Cyrillic text encoding and sanitise HTML safely.
• Respect upstream rate limiting/politeness.

Tests

• Add StellaOps.Feedser.Source.Ru.Nkcki.Tests for fetch/parse/map with canned fixtures.
• Snapshot canonical advisories; support fixture regeneration via env flag.
• Ensure deterministic ordering/time normalisation.