stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports

Browse Source 
- Introduced a new VEX compact fixture for testing purposes.
- Implemented `verify_export.py` script to validate Findings Ledger exports, ensuring deterministic ordering and applying redaction manifests.
- Added a lightweight stub `HarnessRunner` for unit tests to validate ledger hashing expectations.
- Documented tasks related to the Mirror Creator.
- Created models for entropy signals and implemented the `EntropyPenaltyCalculator` to compute penalties based on scanner outputs.
- Developed unit tests for `EntropyPenaltyCalculator` to ensure correct penalty calculations and handling of edge cases.
- Added tests for symbol ID normalization in the reachability scanner.
- Enhanced console status service with comprehensive unit tests for connection handling and error recovery.
- Included Cosign tool version 2.6.0 with checksums for various platforms.
This commit is contained in:
StellaOps Bot
2025-12-02 21:08:01 +02:00
parent 6d049905c7
commit 47168fec38
146 changed files with 4329 additions and 549 deletions
Download Patch File Download Diff File Expand all files Collapse all files

163
docs/modules/concelier/schemas/advisory-observation.schema.json Normal file
View File

@@ -0,0 +1,163 @@
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://stellaops.local/concelier/schemas/advisory-observation.schema.json",
"title": "Concelier Advisory Observation (Link-Not-Merge)",
"type": "object",
"additionalProperties": false,
"required": [
"observationId",
"tenant",
"source",
"upstream",
"content",
"linkset",
"rawLinkset",
"createdAt"
],
"properties": {
"observationId": { "type": "string", "minLength": 1 },
"tenant": { "type": "string", "minLength": 1, "pattern": "^[a-z0-9:-]+$" },
"source": {
"type": "object",
"additionalProperties": false,
"required": ["vendor", "stream", "api"],
"properties": {
"vendor": { "type": "string", "minLength": 1 },
"stream": { "type": "string", "minLength": 1 },
"api": { "type": "string", "format": "uri" },
"collectorVersion": { "type": "string" }
}
},
"upstream": {
"type": "object",
"additionalProperties": false,
"required": [
"upstreamId",
"fetchedAt",
"receivedAt",
"contentHash",
"signature"
],
"properties": {
"upstreamId": { "type": "string", "minLength": 1 },
"documentVersion": { "type": "string" },
"fetchedAt": { "type": "string", "format": "date-time" },
"receivedAt": { "type": "string", "format": "date-time" },
"contentHash": {
"type": "string",
"pattern": "^sha256:[A-Fa-f0-9]{64}$"
},
"signature": {
"type": "object",
"additionalProperties": false,
"required": ["present"],
"properties": {
"present": { "type": "boolean" },
"format": { "type": "string" },
"keyId": { "type": "string" },
"signature": { "type": "string" }
},
"allOf": [
{
"if": { "properties": { "present": { "const": true } } },
"then": {
"required": ["format", "keyId", "signature"],
"properties": {
"format": { "minLength": 1 },
"keyId": { "minLength": 1 },
"signature": { "minLength": 1 }
}
}
},
{
"if": { "properties": { "present": { "const": false } } },
"then": {
"properties": {
"format": { "maxLength": 0 },
"keyId": { "maxLength": 0 },
"signature": { "maxLength": 0 }
}
}
}
]
},
"metadata": {
"type": "object",
"additionalProperties": { "type": "string" },
"propertyNames": { "pattern": "^[A-Za-z0-9_.:-]+$" }
}
}
},
"content": {
"type": "object",
"additionalProperties": false,
"required": ["format", "raw"],
"properties": {
"format": { "type": "string", "minLength": 1 },
"specVersion": { "type": "string" },
"raw": { "type": ["object", "array"] },
"metadata": {
"type": "object",
"additionalProperties": { "type": "string" },
"propertyNames": { "pattern": "^[A-Za-z0-9_.:-]+$" }
}
}
},
"linkset": {
"type": "object",
"additionalProperties": false,
"properties": {
"aliases": { "type": "array", "items": { "type": "string" }, "uniqueItems": true },
"purls": { "type": "array", "items": { "type": "string" }, "uniqueItems": true },
"cpes": { "type": "array", "items": { "type": "string" }, "uniqueItems": true },
"references": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"required": ["type", "url"],
"properties": {
"type": { "type": "string" },
"url": { "type": "string", "format": "uri" }
}
}
},
"reconciledFrom": { "type": "array", "items": { "type": "string" }, "uniqueItems": true }
}
},
"rawLinkset": {
"type": "object",
"additionalProperties": false,
"properties": {
"aliases": { "type": "array", "items": { "type": "string" }, "uniqueItems": true },
"packageUrls": { "type": "array", "items": { "type": "string" } },
"cpes": { "type": "array", "items": { "type": "string" } },
"references": {
"type": "array",
"items": {
"type": "object",
"properties": {
"type": { "type": "string" },
"url": { "type": "string" }
},
"required": ["type", "url"],
"additionalProperties": false
}
},
"relationships": { "type": "array", "items": { "type": "object" } },
"reconciledFrom": { "type": "array", "items": { "type": "string" } },
"scopes": { "type": "array", "items": { "type": "string" } },
"notes": {
"type": "object",
"additionalProperties": { "type": "string" }
}
}
},
"attributes": {
"type": "object",
"additionalProperties": { "type": "string" },
"propertyNames": { "pattern": "^[A-Za-z0-9_.:-]+$" }
},
"createdAt": { "type": "string", "format": "date-time" }
}
}