This guide is the dedicated walkthrough for adding a new ingestion source to PatchHound.
- Source integrations:
src/PatchHound.Infrastructure/VulnerabilitySources - Source-specific options:
src/PatchHound.Infrastructure/Options - Domain models and contracts:
src/PatchHound.Core - Tests:
tests/PatchHound.Tests/Infrastructure
- Add the source implementation under
src/PatchHound.Infrastructure/VulnerabilitySources. - Model any required configuration in
src/PatchHound.Infrastructure/Options. - Register the source and supporting services in the application startup path.
- Normalize external payloads before they enter domain workflows.
- Add tests for mapping, validation, and failure behavior.
- Document any new environment variables or operational prerequisites.
- Keep API clients and payload mapping isolated from business logic.
- Prefer explicit contracts over dynamic parsing.
- Log failures with enough context to debug ingestion issues.
- Make retries and partial-failure behavior predictable.
Before opening a pull request, verify:
dotnet build PatchHound.slnx
dotnet test PatchHound.slnx -v minimalIf the source also affects frontend configuration or admin flows, run the frontend checks as well.