stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

sprints work

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-25 12:19:12 +02:00
parent 223843f1d1
commit 2a06f780cf
224 changed files with 41796 additions and 1515 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
tests/fixtures/invalid/README.md vendored Normal file
View File

@@ -0,0 +1,24 @@
# Invalid Fixtures for Negative Testing
This directory contains intentionally invalid SBOM fixtures used for CI negative testing.
These fixtures MUST fail schema validation to ensure the CI pipeline correctly detects errors.
## CycloneDX Invalid Fixtures
| File | Defect | Expected Error |
|------|--------|----------------|
| `cyclonedx-wrong-version.json` | specVersion "2.0" doesn't exist | Invalid enum value for specVersion |
| `cyclonedx-missing-required.json` | Missing required specVersion field | Missing required property: specVersion |
| `cyclonedx-invalid-component.json` | Component missing name and type | Required properties missing in component |
## CI Usage
The schema validation workflow uses the `tests/fixtures/invalid/` directory for negative test cases.
When `--expect-failures` is passed, the CI expects these files to fail validation.
## Adding New Test Cases
1. Create a new JSON file with an intentional schema violation
2. Add a `$comment` field explaining the defect
3. Update this README with the expected error
4. Ensure the file has the correct format marker (e.g., `"bomFormat": "CycloneDX"`)

15
tests/fixtures/invalid/cyclonedx-invalid-component.json vendored Normal file
View File

@@ -0,0 +1,15 @@
{
"$comment": "INTENTIONALLY INVALID CycloneDX fixture - component missing required 'name' and 'type' fields.",
"bomFormat": "CycloneDX",
"specVersion": "1.6",
"version": 1,
"metadata": {
"timestamp": "2025-12-25T00:00:00Z"
},
"components": [
{
"invalid-field": "this-is-not-valid",
"purl": "pkg:npm/missing-required-fields@1.0.0"
}
]
}

9
tests/fixtures/invalid/cyclonedx-missing-required.json vendored Normal file
View File

@@ -0,0 +1,9 @@
{
"$comment": "INTENTIONALLY INVALID CycloneDX fixture - missing required 'specVersion' field.",
"bomFormat": "CycloneDX",
"version": 1,
"metadata": {
"timestamp": "2025-12-25T00:00:00Z"
},
"components": []
}

11
tests/fixtures/invalid/cyclonedx-wrong-version.json vendored Normal file
View File

@@ -0,0 +1,11 @@
{
"$comment": "INTENTIONALLY INVALID CycloneDX fixture for negative testing.",
"$comment2": "specVersion 2.0 does not exist and should fail schema validation.",
"bomFormat": "CycloneDX",
"specVersion": "2.0",
"version": 1,
"metadata": {
"timestamp": "2025-12-25T00:00:00Z"
},
"components": []
}