APPENG-4467- rpm analyzier mile stone one by RedTanny · Pull Request #222 · RHEcosystemAppEng/vulnerability-analysis

RedTanny · 2026-04-15T14:20:05Z

No description provided.

batzionb · 2026-05-06T12:05:41Z

Can the API payload be simplified somehow?
Will this more simplified structure work:

{
  "scan": {
    "vulns": [
      { "vuln_id": "CVE-2023-0464" }
    ]
  },
  "rpm": {
      "name": "openssl",
      "version": "1.1.1k",
      "release": "8.el9_9",
      "arch": "x86_64"
    }
}

without the additional ecosystem option
more intuitive name than "target_package"
without all other fields being required and without pipeline_mode
if rpm is present, use the rpm pipleline mode
and not under the image field, which is confusing as it's not an image

batzionb · 2026-05-06T12:06:35Z

In addition - can the API changes appear in the openapi spec

batzionb · 2026-05-06T14:55:39Z

Follow up on #222 (comment)
Using the API as is, requires the client to define a dummy repo URL so request won't be rejected
See here

RedTanny added 9 commits April 27, 2026 13:30

rpm analyzier mile stone one

cdf9dd5

start prompt the identify keywords

34a0b14

Identiy sub graph flow

7024b9b

chunk and parse code file and index it to the lexical search

95543f0

milestone 1 locate vulnerability place

d8ae498

locate mile stone 2

c31255b

verify step 1

8f26f2a

clear labels

436d75f

last changes

50638ee

RedTanny force-pushed the APPENG-4467-Rpm-Checker branch from cde60ba to 50638ee Compare April 27, 2026 13:30

RedTanny added 20 commits April 28, 2026 07:24

generating report for L1 agent

8953458

fix L1 report

49bdfdd

update prompt

70bd805

Save changes before change in design

ceea155

redesign: preprocess node

66e64a3

save work

db9e0fd

first React agent loop work

b85aa87

improve report for downstream L1

d18da88

before report change

f38d5c8

fix report

96cf96e

cleanup and fix bug

18e4667

add observation logic

2703240

observation node part2

e07ab79

Integration L2 with flow

0070e57

skeleton L2 agent

c5b1149

save cwe-id and add hardening db file

74cdaa4

Imp preprocess data

16b3146

force node to code agent

f04a0d8

L2 Agent build ,before loop

aea087a

not working yet

1b16ad7

RedTanny added 2 commits May 6, 2026 20:49

E2E - with bugs

d7794df

new api schema for rpm checker

cb3ff4b

batzionb mentioned this pull request May 7, 2026

request RPM analysis API RHEcosystemAppEng/agent-morpheus-client#220

Draft

RedTanny added 14 commits May 7, 2026 14:51

save before big change

8e7310a

add vulnerability intel

a2b7bd8

L2 build agent improvments

d62dff6

filter binary file

38f88fd

fix status of report

f1d1fac

check for package name in cve matches package target

45b9ef8

add Intel calculation of score and reports

ecff816

clear summary report

d7c77a3

clean report summary executive

a9fa52e

update report structure

cac3af5

report use case upstream find patch to use

4fa7f93

update rebase to fetch patch from github

7234275

missing file

9c5f781

send failure to failed node and add url to report

4d0892b

zvigrinberg self-requested a review May 13, 2026 11:56

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

APPENG-4467- rpm analyzier mile stone one#222

APPENG-4467- rpm analyzier mile stone one#222
RedTanny wants to merge 45 commits into
RHEcosystemAppEng:mainfrom
RedTanny:APPENG-4467-Rpm-Checker

RedTanny commented Apr 15, 2026

Uh oh!

batzionb commented May 6, 2026 •

edited

Loading

Uh oh!

batzionb commented May 6, 2026

Uh oh!

batzionb commented May 6, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

RedTanny commented Apr 15, 2026

Uh oh!

batzionb commented May 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

batzionb commented May 6, 2026

Uh oh!

batzionb commented May 6, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

batzionb commented May 6, 2026 •

edited

Loading