39 lines
1.7 KiB
Markdown
39 lines
1.7 KiB
Markdown
# AGENTS
|
||
## Role
|
||
Implement the Russian NKTsKI (formerly NKCKI) advisories connector to ingest NKTsKI vulnerability bulletins for Feedser’s regional coverage.
|
||
|
||
## Scope
|
||
- Identify NKTsKI advisory feeds/APIs (HTML, RSS, CSV) and access/authentication requirements.
|
||
- Implement fetch/cursor pipeline with dedupe and failure backoff tailored to the source format.
|
||
- Parse advisories to extract summary, affected vendors/products, recommended mitigation, and CVE identifiers.
|
||
- Map advisories into canonical `Advisory` records with aliases, references, affected packages, and range primitives.
|
||
- Create deterministic fixtures and regression tests.
|
||
|
||
## Participants
|
||
- `Source.Common` (HTTP/fetch utilities, DTO storage).
|
||
- `Storage.Mongo` (raw/document/DTO/advisory stores, source state).
|
||
- `Feedser.Models` (canonical data structures).
|
||
- `Feedser.Testing` (integration fixtures, snapshots).
|
||
|
||
## Interfaces & Contracts
|
||
- Job kinds: `nkcki:fetch`, `nkcki:parse`, `nkcki:map`.
|
||
- Persist upstream modification metadata to support incremental updates.
|
||
- Alias set should include NKTsKI advisory IDs and CVEs when present.
|
||
|
||
## In/Out of scope
|
||
In scope:
|
||
- Core ingestion/mapping pipeline with range primitives.
|
||
|
||
Out of scope:
|
||
- Translation beyond canonical field normalisation.
|
||
|
||
## Observability & Security Expectations
|
||
- Log fetch/mapping activity; mark failures with backoff delays.
|
||
- Handle Cyrillic text encoding and sanitise HTML safely.
|
||
- Respect upstream rate limiting/politeness.
|
||
|
||
## Tests
|
||
- Add `StellaOps.Feedser.Source.Ru.Nkcki.Tests` for fetch/parse/map with canned fixtures.
|
||
- Snapshot canonical advisories; support fixture regeneration via env flag.
|
||
- Ensure deterministic ordering/time normalisation.
|