stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
bc0762e97d251723854b9c4e482b218c8efb1e04
git.stella-ops.org/docs/advisories/explorer-integration.md
StellaOps Bot 579236bfce
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
Add MongoDB storage library and update acceptance tests with deterministic stubs 
- Created StellaOps.Notify.Storage.Mongo project with initial configuration.
- Added expected output files for acceptance tests (at1.txt to at10.txt).
- Added fixture input files for acceptance tests (at1 to at10).
- Created input and signature files for test cases fc1 to fc5.
2025-12-05 22:56:01 +02:00

25 lines
877 B
Markdown
Raw Blame History

# Advisories Integration with Vuln Explorer (Md.XI draft)
> Status: DRAFT — waiting on export bundle spec + provenance notes; keep TODO.
## Scope
- Describe advisory normalization, withdrawn handling, provenance, and export bundle linkage for Vuln Explorer.
- Deterministic examples with hashes in `docs/assets/vuln-explorer/SHA256SUMS`.
## Dependencies
- Export bundle spec/provenance notes (in progress).
- GRAP0101 identifiers.
## Outline
- Advisory ingestion flow and key normalization.
- Withdrawn/updated advisory handling.
- Provenance: DSSE/Rekor optional; bundle manifests.
- Cross-links to findings ledger and VEX decisions.
### Hash Capture Checklist (when spec arrives)
- `assets/vuln-explorer/advisory-normalized.json`
- `assets/vuln-explorer/advisory-withdrawn.json`
- `assets/vuln-explorer/advisory-bundle-manifest.json`
_Last updated: 2025-12-05 (UTC)_
Reference in New Issue View Git Blame Copy Permalink