EPSS Feed Connector (Concelier Three-Stage Pattern)

Module

Concelier

Status

VERIFIED

Description

Concelier connector for EPSS (Exploit Prediction Scoring System) feed ingestion following three-stage Fetch/Parse/Map pattern. Reuses Scanner's EpssCsvStreamParser for CSV parsing, supports ETag conditional requests, air-gap bundle fallback, priority band classification (Critical/High/Medium/Low at 0.70/0.40/0.10 thresholds), and daily scheduled ingestion (10:00 UTC).

Implementation Details

Modules: src/Concelier/__Libraries/StellaOps.Concelier.Connector.Epss/
Key Classes:
- EpssConnector (src/Concelier/__Libraries/StellaOps.Concelier.Connector.Epss/Internal/EpssConnector.cs) - IFeedConnector implementation with three-stage Fetch/Parse/Map pattern
- EpssConnectorPlugin (src/Concelier/__Libraries/StellaOps.Concelier.Connector.Epss/EpssConnectorPlugin.cs) - IConnectorPlugin registration for DI discovery
Interfaces: IFeedConnector, IConnectorPlugin
Source: SPRINT_4000_0002_0001_epss_feed_connector.md

E2E Test Plan

Trigger EPSS connector ingestion and verify EPSS scores are fetched and stored for CVE IDs
Verify priority band classification: CVEs with EPSS > 0.70 are classified as Critical, 0.40-0.70 as High, 0.10-0.40 as Medium, < 0.10 as Low
Verify ETag conditional requests: second ingestion with unchanged data returns 304 and skips re-parsing
Verify air-gap bundle fallback: configure offline mode and verify ingestion falls back to local bundle
Verify daily scheduled ingestion runs at the configured time

Verification

Run ID: run-003
Date: 2026-02-12
Tests: 46 passed, 0 failed (StellaOps.Concelier.Connector.Epss.Tests)
Verdict: PASS - All behavioral assertions verified including three-stage Fetch/Parse/Map pattern, ETag conditional request handling, band classification at all thresholds, deterministic CSV parsing, cursor round-trip fidelity, and options validation.

2.0 KiB Raw Blame History