stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

up the blokcing tasks
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
Notify Smoke Test / Notifier Service Tests (push) Has been cancelled
Details
Notify Smoke Test / Notification Smoke Test (push) Has been cancelled
Details
Notify Smoke Test / Notify Unit Tests (push) Has been cancelled
Details
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Export Center CI / export-ci (push) Has been cancelled
Details
Manifest Integrity / Validate Schema Integrity (push) Has been cancelled
Details
Manifest Integrity / Validate Contract Documents (push) Has been cancelled
Details
Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled
Details
Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled
Details
Manifest Integrity / Verify Merkle Roots (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
Risk Bundle CI / risk-bundle-build (push) Has been cancelled
Details
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Details
Risk Bundle CI / risk-bundle-offline-kit (push) Has been cancelled
Details
Risk Bundle CI / publish-checksums (push) Has been cancelled
Details
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Details
devportal-offline / build-offline (push) Has been cancelled
Details
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
Details

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-11 02:32:18 +02:00
parent 92bc4d3a07
commit 49922dff5a
474 changed files with 76071 additions and 12411 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Deno/DenoRuntimeTraceProbeTests.cs
View File

@@ -9,10 +9,10 @@ public sealed class DenoRuntimeTraceProbeTests
public void ComputesMetadataAndHashFromNdjson()
{
const string ndjson =
@"{\""type\"":\"\"deno.module.load\"",\""ts\"":\"\"2025-11-17T12:00:00Z\"",\""reason\"":\"\"dynamic-import\"",\""permissions\"":[\"\"fs\""],\""origin\"":\"\"https://deno.land\""}
{\""type\"":\"\"deno.permission.use\"",\""ts\"":\"\"2025-11-17T12:00:01Z\"",\""permission\"":\"\"NET\""}
{\""type\"":\"\"deno.npm.resolution\"",\""ts\"":\"\"2025-11-17T12:00:02Z\""}
{\""type\"":\"\"deno.wasm.load\"",\""ts\"":\"\"2025-11-17T12:00:03Z\""}
@"{""type"":""deno.module.load"",""ts"":""2025-11-17T12:00:00Z"",""reason"":""dynamic-import"",""permissions"":[""fs""],""origin"":""https://deno.land""}
{""type"":""deno.permission.use"",""ts"":""2025-11-17T12:00:01Z"",""permission"":""NET""}
{""type"":""deno.npm.resolution"",""ts"":""2025-11-17T12:00:02Z""}
{""type"":""deno.wasm.load"",""ts"":""2025-11-17T12:00:03Z""}
";
var bytes = Encoding.UTF8.GetBytes(ndjson);

18
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Deno/DenoRuntimeTraceRunnerTests.cs
View File

@@ -82,7 +82,7 @@ public sealed class DenoRuntimeTraceRunnerTests
{
var stub = CreateStubDeno(root);
var entry = Path.Combine(root, "main.ts");
var fixture = Path.Combine(TestPaths.GetProjectRoot(), "TestFixtures/deno-runtime/simple/main.ts");
var fixture = Path.Combine(TestPaths.ResolveProjectRoot(), "TestFixtures/deno-runtime/simple/main.ts");
File.Copy(fixture, entry);
using var entryEnv = new EnvironmentVariableScope("STELLA_DENO_ENTRYPOINT", "main.ts");
@@ -126,13 +126,15 @@ public sealed class DenoRuntimeTraceRunnerTests
}
else
{
var script = """#!/usr/bin/env bash
set -euo pipefail
cat > deno-runtime.ndjson <<'EOF'
{"type":"deno.runtime.start","ts":"2025-01-01T00:00:00Z","module":{"normalized":".","path_sha256":"0"},"reason":"shim-start"}
{"type":"deno.module.load","ts":"2025-01-01T00:00:01Z","module":{"normalized":"main.ts","path_sha256":"abc"},"reason":"static-import","permissions":[]}
EOF
""";
var script =
"""
#!/usr/bin/env bash
set -euo pipefail
cat > deno-runtime.ndjson <<'EOF'
{"type":"deno.runtime.start","ts":"2025-01-01T00:00:00Z","module":{"normalized":".","path_sha256":"0"},"reason":"shim-start"}
{"type":"deno.module.load","ts":"2025-01-01T00:00:01Z","module":{"normalized":"main.ts","path_sha256":"abc"},"reason":"static-import","permissions":[]}
EOF
""";
File.WriteAllText(path, script);
try
{

5
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Deno/DenoRuntimeTraceSerializerTests.cs
View File

@@ -1,6 +1,5 @@
using System.Text;
using StellaOps.Scanner.Analyzers.Lang.Deno.Internal.Runtime;
using StellaOps.Scanner.Analyzers.Lang.Tests.TestUtilities;
namespace StellaOps.Scanner.Analyzers.Lang.Deno.Tests.Deno;
@@ -42,8 +41,8 @@ public sealed class DenoRuntimeTraceSerializerTests
// Stable hash and NDJSON ordering
const string expectedNdjson =
@"{\""type\"":\"\"deno.module.load\"",\""ts\"":\"\"2025-11-17T12:00:00.123+00:00\"",\""module\"":{\""normalized\"":\"\"app/main.ts\"",\""path_sha256\"":\"\"abc123\""},\""reason\"":\"\"dynamic-import\"",\""permissions\"":[\"\"fs\"\", \""net\""],\""origin\"":\"\"https://deno.land/x/std@0.208.0/http/server.ts\""}
{\""type\"":\"\"deno.permission.use\"",\""ts\"":\"\"2025-11-17T12:00:01.234+00:00\"",\""permission\"":\"\"ffi\"",\""module\"":{\""normalized\"":\"\"native/mod.ts\"",\""path_sha256\"":\"\"def456\""},\""details\"":\"\"Deno.dlopen\""}
@"{""type"":""deno.module.load"",""ts"":""2025-11-17T12:00:00.123+00:00"",""module"":{""normalized"":""app/main.ts"",""path_sha256"":""abc123""},""reason"":""dynamic-import"",""permissions"":[""fs"",""net""],""origin"":""https://deno.land/x/std@0.208.0/http/server.ts""}
{""type"":""deno.permission.use"",""ts"":""2025-11-17T12:00:01.234+00:00"",""permission"":""ffi"",""module"":{""normalized"":""native/mod.ts"",""path_sha256"":""def456""},""details"":""Deno.dlopen""}
";
Assert.Equal(expectedNdjson.Replace("\r\n", "\n"), text.Replace("\r\n", "\n"));

7
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/cache-offline/deno.json Normal file
View File

@@ -0,0 +1,7 @@
{
"name": "cache-offline-fixture",
"version": "1.0.0",
"imports": {
"std/": "https://deno.land/std@0.218.0/"
}
}

10
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/cache-offline/deno.lock generated Normal file
View File

@@ -0,0 +1,10 @@
{
"version": "3",
"packages": {},
"redirects": {},
"remote": {
"https://deno.land/std@0.218.0/path/mod.ts": "a1b2c3d4e5f67890abcdef1234567890abcdef1234567890abcdef1234567890",
"https://deno.land/std@0.218.0/path/posix.ts": "b2c3d4e5f67890abcdef1234567890abcdef1234567890abcdef1234567890ab",
"https://deno.land/std@0.218.0/path/win32.ts": "c3d4e5f67890abcdef1234567890abcdef1234567890abcdef1234567890abcd"
}
}

4
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/cache-offline/main.ts Normal file
View File

@@ -0,0 +1,4 @@
import { join, dirname } from "std/path/mod.ts";
const configPath = join(Deno.cwd(), "config.json");
console.log("Config directory:", dirname(configPath));

4
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/local-only/config.ts Normal file
View File

@@ -0,0 +1,4 @@
export class Config {
readonly name = "LocalProject";
readonly version = "1.0.0";
}

7
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/local-only/lib/utils.ts Normal file
View File

@@ -0,0 +1,7 @@
export function greet(name: string): string {
return `Hello, ${name}!`;
}
export function formatDate(date: Date): string {
return date.toISOString();
}

5
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/local-only/main.ts Normal file
View File

@@ -0,0 +1,5 @@
import { greet } from "./lib/utils.ts";
import { Config } from "./config.ts";
const config = new Config();
console.log(greet(config.name));

10
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/npm-mixed/deno.json Normal file
View File

@@ -0,0 +1,10 @@
{
"name": "npm-mixed-fixture",
"version": "1.0.0",
"imports": {
"std/": "https://deno.land/std@0.218.0/",
"lodash": "npm:lodash@4.17.21",
"zod": "npm:zod@3.22.4"
},
"nodeModulesDir": true
}

23
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/npm-mixed/deno.lock generated Normal file
View File

@@ -0,0 +1,23 @@
{
"version": "3",
"packages": {
"specifiers": {
"npm:lodash@4.17.21": "npm:lodash@4.17.21",
"npm:zod@3.22.4": "npm:zod@3.22.4"
},
"npm": {
"lodash@4.17.21": {
"integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
"dependencies": {}
},
"zod@3.22.4": {
"integrity": "sha512-iC+8Io04lddc+mVqQ9AZ7OQ2MrUKGN+oIQyq1vemgt46jwCwLfHq7N5W6qFnIgJH90r3MFzPmWPlp6FV6A8pvQ==",
"dependencies": {}
}
}
},
"redirects": {},
"remote": {
"https://deno.land/std@0.218.0/path/mod.ts": "a1b2c3d4e5f67890abcdef1234567890abcdef1234567890abcdef1234567890"
}
}

21
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/npm-mixed/main.ts Normal file
View File

@@ -0,0 +1,21 @@
import _ from "lodash";
import { z } from "zod";
import { join } from "std/path/mod.ts";
const UserSchema = z.object({
name: z.string(),
email: z.string().email(),
});
const users = [
{ name: "Alice", email: "alice@example.com" },
{ name: "Bob", email: "bob@example.com" },
];
const validUsers = users.filter((u) => {
const result = UserSchema.safeParse(u);
return result.success;
});
console.log(_.map(validUsers, "name"));
console.log(join("data", "users.json"));

11
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/remote-only/deno.json Normal file
View File

@@ -0,0 +1,11 @@
{
"name": "remote-only-fixture",
"version": "1.0.0",
"imports": {
"std/": "https://deno.land/std@0.218.0/",
"oak": "https://deno.land/x/oak@v12.6.1/mod.ts"
},
"compilerOptions": {
"strict": true
}
}

12
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/remote-only/deno.lock generated Normal file
View File

@@ -0,0 +1,12 @@
{
"version": "3",
"packages": {},
"redirects": {},
"remote": {
"https://deno.land/std@0.218.0/assert/assert.ts": "ba6c57f1fdd6f3ee8dd5da24b6f75fc34eb3d65721a47c1c31add2f8bf4e91f4",
"https://deno.land/std@0.218.0/fmt/colors.ts": "d67e3cd9f472f5b4d77876b52e2e54f5bb0a5a4c3eb9f3fae9e3c5b3b1c93ff6",
"https://deno.land/std@0.218.0/http/server.ts": "a1b2c3d4e5f67890abcdef1234567890abcdef1234567890abcdef1234567890",
"https://deno.land/x/oak@v12.6.1/mod.ts": "fedcba0987654321fedcba0987654321fedcba0987654321fedcba0987654321",
"https://deno.land/x/oak@v12.6.1/router.ts": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef"
}
}

11
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/Fixtures/remote-only/main.ts Normal file
View File

@@ -0,0 +1,11 @@
import { Application } from "oak";
import { assertEquals } from "std/assert/assert.ts";
import { red, green } from "std/fmt/colors.ts";
const app = new Application();
app.use((ctx) => {
ctx.response.body = green("Hello from Deno!");
});
await app.listen({ port: 8000 });

1
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Deno.Tests/GlobalUsings.cs Normal file
View File

@@ -0,0 +1 @@
global using StellaOps.Scanner.Analyzers.Lang.Deno.Tests.TestUtilities;

379
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Java.Tests/Java/JavaRuntimeIngestionTests.cs Normal file
View File

@@ -0,0 +1,379 @@
using System.Text;
using StellaOps.Scanner.Analyzers.Lang.Java.Internal.Runtime;
namespace StellaOps.Scanner.Analyzers.Lang.Java.Tests;
/// <summary>
/// Tests for SCANNER-ANALYZERS-JAVA-21-010: Runtime ingestion via Java agent + JFR reader.
/// </summary>
public sealed class JavaRuntimeIngestionTests
{
[Fact]
public async Task ParseAsync_ClassLoadEvent_ProducesRuntimeClassEdge()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"com/example/MyService","class_loader":"app","source":"/app/lib/myservice.jar","initiating_class":"com/example/Main"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Single(result.Events);
Assert.Single(result.RuntimeEdges);
var edge = result.RuntimeEdges[0];
Assert.Equal(JavaRuntimeEdgeType.RuntimeClass, edge.EdgeType);
Assert.Equal("com/example/Main", edge.SourceClass);
Assert.Equal("com/example/MyService", edge.TargetClass);
Assert.Equal(JavaRuntimeEdgeReason.ClassLoadApplication, edge.Reason);
Assert.Equal(1.0, edge.Confidence);
}
[Fact]
public async Task ParseAsync_ServiceLoaderEvent_ProducesRuntimeSpiEdge()
{
var ndjson = """
{"type":"java.service.load","ts":"2025-12-10T10:00:01.000Z","service_interface":"com/example/spi/Service","providers":[{"provider_class":"com/example/impl/ServiceImpl","source":"/app/lib/impl.jar"}],"initiating_class":"com/example/ServiceLoader"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Single(result.RuntimeEdges);
Assert.Single(result.RuntimeEntrypoints);
var edge = result.RuntimeEdges[0];
Assert.Equal(JavaRuntimeEdgeType.RuntimeSpi, edge.EdgeType);
Assert.Equal("com/example/spi/Service", edge.SourceClass);
Assert.Equal("com/example/impl/ServiceImpl", edge.TargetClass);
var entrypoint = result.RuntimeEntrypoints[0];
Assert.Equal(JavaRuntimeEntrypointType.ServiceProvider, entrypoint.EntrypointType);
Assert.Equal("com/example/impl/ServiceImpl", entrypoint.ClassName);
}
[Fact]
public async Task ParseAsync_NativeLoadEvent_ProducesRuntimeNativeLoadEdge()
{
var ndjson = """
{"type":"java.native.load","ts":"2025-12-10T10:00:02.000Z","library_name":"jni_native","resolved_path":"/usr/lib/libjni_native.so","load_method":"System.loadLibrary","initiating_class":"com/example/NativeLoader","success":true}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Single(result.RuntimeEdges);
var edge = result.RuntimeEdges[0];
Assert.Equal(JavaRuntimeEdgeType.RuntimeNativeLoad, edge.EdgeType);
Assert.Equal("com/example/NativeLoader", edge.SourceClass);
Assert.Equal("jni_native", edge.TargetClass);
Assert.Equal(JavaRuntimeEdgeReason.SystemLoadLibrary, edge.Reason);
Assert.Equal(1.0, edge.Confidence);
}
[Fact]
public async Task ParseAsync_FailedNativeLoad_ProducesLowerConfidenceEdge()
{
var ndjson = """
{"type":"java.native.load","ts":"2025-12-10T10:00:02.000Z","library_name":"missing_lib","load_method":"System.loadLibrary","initiating_class":"com/example/NativeLoader","success":false}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Single(result.RuntimeEdges);
var edge = result.RuntimeEdges[0];
Assert.Equal(JavaRuntimeEdgeReason.NativeLoadFailure, edge.Reason);
Assert.Equal(0.5, edge.Confidence);
}
[Fact]
public async Task ParseAsync_ReflectionEvent_ProducesRuntimeReflectionEdge()
{
var ndjson = """
{"type":"java.reflection.access","ts":"2025-12-10T10:00:03.000Z","target_class":"com/example/DynamicClass","reflection_method":"Class.forName","initiating_class":"com/example/Reflector"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Single(result.RuntimeEdges);
Assert.Single(result.RuntimeEntrypoints);
var edge = result.RuntimeEdges[0];
Assert.Equal(JavaRuntimeEdgeType.RuntimeReflection, edge.EdgeType);
Assert.Equal(JavaRuntimeEdgeReason.ClassForName, edge.Reason);
Assert.Equal(0.9, edge.Confidence);
var entrypoint = result.RuntimeEntrypoints[0];
Assert.Equal(JavaRuntimeEntrypointType.ReflectionTarget, entrypoint.EntrypointType);
}
[Fact]
public async Task ParseAsync_ResourceAccessEvent_ProducesEdgeOnlyWhenFound()
{
var ndjson = """
{"type":"java.resource.access","ts":"2025-12-10T10:00:04.000Z","resource_name":"config.properties","source":"/app/conf.jar","initiating_class":"com/example/ConfigLoader","found":true}
{"type":"java.resource.access","ts":"2025-12-10T10:00:05.000Z","resource_name":"missing.properties","initiating_class":"com/example/ConfigLoader","found":false}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Equal(2, result.Events.Length);
Assert.Single(result.RuntimeEdges); // Only found=true produces edge
var edge = result.RuntimeEdges[0];
Assert.Equal(JavaRuntimeEdgeType.RuntimeResource, edge.EdgeType);
Assert.Equal("config.properties", edge.TargetClass);
}
[Fact]
public async Task ParseAsync_ModuleResolveEvent_ProducesRuntimeModuleEdge()
{
var ndjson = """
{"type":"java.module.resolve","ts":"2025-12-10T10:00:06.000Z","module_name":"com.example.api","module_location":"file:///app/lib/api.jar","required_by":"com.example.app","is_open":false}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Single(result.RuntimeEdges);
var edge = result.RuntimeEdges[0];
Assert.Equal(JavaRuntimeEdgeType.RuntimeModule, edge.EdgeType);
Assert.Equal("com.example.app", edge.SourceClass);
Assert.Equal("com.example.api", edge.TargetClass);
Assert.Equal(JavaRuntimeEdgeReason.ModuleRequires, edge.Reason);
}
[Fact]
public async Task ParseAsync_DeduplicatesEdgesByDefault()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"com/example/MyService","class_loader":"app","initiating_class":"com/example/Main"}
{"type":"java.class.load","ts":"2025-12-10T10:00:01.000Z","class_name":"com/example/MyService","class_loader":"app","initiating_class":"com/example/Main"}
{"type":"java.class.load","ts":"2025-12-10T10:00:02.000Z","class_name":"com/example/MyService","class_loader":"app","initiating_class":"com/example/Main"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Equal(3, result.Events.Length);
Assert.Single(result.RuntimeEdges); // Deduplicated
}
[Fact]
public async Task ParseAsync_WithDeduplicationDisabled_ProducesAllEdges()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"com/example/MyService","class_loader":"app","initiating_class":"com/example/Main"}
{"type":"java.class.load","ts":"2025-12-10T10:00:01.000Z","class_name":"com/example/MyService","class_loader":"app","initiating_class":"com/example/Main"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var config = new JavaRuntimeIngestionConfig(DeduplicateEdges: false);
var result = await JavaRuntimeIngestor.IngestAsync(stream, config);
Assert.Equal(2, result.RuntimeEdges.Length); // Not deduplicated
}
[Fact]
public async Task ParseAsync_FiltersJdkClassesByDefault()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"java/lang/String","class_loader":"bootstrap","initiating_class":"com/example/Main"}
{"type":"java.class.load","ts":"2025-12-10T10:00:01.000Z","class_name":"com/example/MyClass","class_loader":"app","initiating_class":"com/example/Main"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Single(result.Events);
Assert.Single(result.RuntimeEdges);
Assert.Equal("com/example/MyClass", result.RuntimeEdges[0].TargetClass);
}
[Fact]
public async Task ParseAsync_IncludesJdkClassesWhenConfigured()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"java/lang/String","class_loader":"bootstrap","initiating_class":"com/example/Main"}
{"type":"java.class.load","ts":"2025-12-10T10:00:01.000Z","class_name":"com/example/MyClass","class_loader":"app","initiating_class":"com/example/Main"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var config = new JavaRuntimeIngestionConfig(IncludeJdkClasses: true);
var result = await JavaRuntimeIngestor.IngestAsync(stream, config);
Assert.Equal(2, result.Events.Length);
Assert.Equal(2, result.RuntimeEdges.Length);
}
[Fact]
public async Task ParseAsync_RespectsMaxEventsLimit()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"com/example/Class1","class_loader":"app"}
{"type":"java.class.load","ts":"2025-12-10T10:00:01.000Z","class_name":"com/example/Class2","class_loader":"app"}
{"type":"java.class.load","ts":"2025-12-10T10:00:02.000Z","class_name":"com/example/Class3","class_loader":"app"}
{"type":"java.class.load","ts":"2025-12-10T10:00:03.000Z","class_name":"com/example/Class4","class_loader":"app"}
{"type":"java.class.load","ts":"2025-12-10T10:00:04.000Z","class_name":"com/example/Class5","class_loader":"app"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var config = new JavaRuntimeIngestionConfig(MaxEvents: 3);
var result = await JavaRuntimeIngestor.IngestAsync(stream, config);
Assert.Equal(3, result.Events.Length);
Assert.Single(result.Warnings);
Assert.Equal("MAX_EVENTS_REACHED", result.Warnings[0].WarningCode);
}
[Fact]
public async Task ParseAsync_ComputesContentHash()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"com/example/MyClass","class_loader":"app"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.NotEmpty(result.ContentHash);
Assert.Equal(64, result.ContentHash.Length); // SHA-256 hex is 64 chars
}
[Fact]
public async Task ParseAsync_SamContentProducesSameHash()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"com/example/MyClass","class_loader":"app"}
""";
using var stream1 = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
using var stream2 = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result1 = await JavaRuntimeIngestor.IngestAsync(stream1);
var result2 = await JavaRuntimeIngestor.IngestAsync(stream2);
Assert.Equal(result1.ContentHash, result2.ContentHash);
}
[Fact]
public async Task ParseAsync_PopulatesSummaryStatistics()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"com/example/Class1","class_loader":"app"}
{"type":"java.class.load","ts":"2025-12-10T10:00:01.000Z","class_name":"com/example/Class2","class_loader":"app"}
{"type":"java.service.load","ts":"2025-12-10T10:00:02.000Z","service_interface":"spi/Service","providers":[]}
{"type":"java.native.load","ts":"2025-12-10T10:00:03.000Z","library_name":"native","load_method":"System.loadLibrary","success":true}
{"type":"java.reflection.access","ts":"2025-12-10T10:00:04.000Z","target_class":"com/example/Dynamic","reflection_method":"Class.forName"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Equal(2, result.Summary.ClassLoadCount);
Assert.Equal(1, result.Summary.ServiceLoaderCount);
Assert.Equal(1, result.Summary.NativeLoadCount);
Assert.Equal(1, result.Summary.ReflectionCount);
Assert.Equal(DateTimeOffset.Parse("2025-12-10T10:00:00.000Z"), result.Summary.StartTime);
Assert.Equal(DateTimeOffset.Parse("2025-12-10T10:00:04.000Z"), result.Summary.EndTime);
}
[Fact]
public async Task ParseAsync_HandlesInvalidJson_ProducesWarning()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"com/example/Class1","class_loader":"app"}
{invalid json}
{"type":"java.class.load","ts":"2025-12-10T10:00:02.000Z","class_name":"com/example/Class2","class_loader":"app"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Equal(2, result.Events.Length); // Valid events parsed
Assert.Single(result.Warnings);
Assert.Equal("PARSE_ERROR", result.Warnings[0].WarningCode);
Assert.Equal(2, result.Warnings[0].Line);
}
[Fact]
public async Task ParseAsync_SkipsUnknownEventTypes()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"com/example/Class1","class_loader":"app"}
{"type":"java.unknown.event","ts":"2025-12-10T10:00:01.000Z","data":"something"}
{"type":"java.class.load","ts":"2025-12-10T10:00:02.000Z","class_name":"com/example/Class2","class_loader":"app"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Equal(2, result.Events.Length); // Only known event types
Assert.Empty(result.Warnings);
}
[Fact]
public async Task ParseAsync_HandlesEmptyStream()
{
using var stream = new MemoryStream(Array.Empty<byte>());
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Empty(result.Events);
Assert.Empty(result.RuntimeEdges);
Assert.Empty(result.Warnings);
}
[Fact]
public async Task ParseAsync_ComputesPathHash_WhenScrubPathsEnabled()
{
var ndjson = """
{"type":"java.class.load","ts":"2025-12-10T10:00:00.000Z","class_name":"com/example/Class1","class_loader":"app","source":"/app/lib/my.jar"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var config = new JavaRuntimeIngestionConfig(ScrubPaths: true);
var result = await JavaRuntimeIngestor.IngestAsync(stream, config);
var evt = result.Events[0] as JavaClassLoadEvent;
Assert.NotNull(evt);
Assert.NotNull(evt.SourceHash);
Assert.Equal(64, evt.SourceHash.Length);
}
[Fact]
public void ComputePathHash_NormalizesPathSeparators()
{
var windowsPath = "C:\\app\\lib\\my.jar";
var unixPath = "C:/app/lib/my.jar";
var hash1 = JavaRuntimeEventParser.ComputePathHash(windowsPath);
var hash2 = JavaRuntimeEventParser.ComputePathHash(unixPath);
Assert.Equal(hash1, hash2);
}
[Fact]
public async Task ParseAsync_TracksEntrypointInvocationCounts()
{
var ndjson = """
{"type":"java.reflection.access","ts":"2025-12-10T10:00:00.000Z","target_class":"com/example/Dynamic","reflection_method":"Class.forName","initiating_class":"com/example/A"}
{"type":"java.reflection.access","ts":"2025-12-10T10:00:01.000Z","target_class":"com/example/Dynamic","reflection_method":"Class.forName","initiating_class":"com/example/B"}
{"type":"java.reflection.access","ts":"2025-12-10T10:00:02.000Z","target_class":"com/example/Dynamic","reflection_method":"Class.forName","initiating_class":"com/example/C"}
""";
using var stream = new MemoryStream(Encoding.UTF8.GetBytes(ndjson));
var result = await JavaRuntimeIngestor.IngestAsync(stream);
Assert.Single(result.RuntimeEntrypoints);
var entrypoint = result.RuntimeEntrypoints[0];
Assert.Equal("com/example/Dynamic", entrypoint.ClassName);
Assert.Equal(3, entrypoint.InvocationCount);
Assert.Equal(DateTimeOffset.Parse("2025-12-10T10:00:00.000Z"), entrypoint.FirstSeen);
}
}

100
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests/Fixtures/lang/php/basic/expected.json
View File

@@ -1,4 +1,98 @@
[
{
"analyzerId": "php",
"componentKey": "php::project-summary",
"name": "PHP Project Summary",
"type": "php-project",
"usedByEntrypoint": false,
"metadata": {
"autoload.bin_count": "0",
"autoload.classmap_count": "0",
"autoload.edge_count": "0",
"autoload.files_count": "0",
"autoload.plugin_count": "0",
"autoload.psr0_count": "0",
"autoload.psr4_count": "0",
"capability.critical_risk_count": "0",
"capability.has_crypto": "false",
"capability.has_database": "false",
"capability.has_dynamic_code": "false",
"capability.has_environment": "false",
"capability.has_exec": "false",
"capability.has_filesystem": "false",
"capability.has_network": "false",
"capability.has_reflection": "false",
"capability.has_serialization": "false",
"capability.has_session": "false",
"capability.has_stream_wrapper": "false",
"capability.has_upload": "false",
"capability.high_risk_count": "0",
"capability.low_risk_count": "0",
"capability.medium_risk_count": "0",
"capability.total_count": "0",
"capability.unique_function_count": "0",
"conflict.count": "0",
"conflict.detected": "false",
"env.extension_count": "13",
"env.extensions_core": "11",
"env.extensions_crypto": "1",
"env.extensions_text": "1",
"error.display_errors": "false",
"error.display_startup_errors": "false",
"error.log_errors": "true",
"ffi.detected": "false",
"ffi.enabled_setting": "unknown",
"ffi.usage_count": "0",
"include.bootstrap_chain_count": "0",
"include.dynamic_count": "0",
"include.edge_count": "0",
"include.include_count": "0",
"include.require_count": "0",
"include.static_count": "0",
"limits.max_execution_time": "30",
"limits.max_input_time": "60",
"limits.max_input_vars": "1000",
"limits.memory_limit": "128M",
"phar.archive_count": "0",
"phar.archives_with_vendor": "0",
"phar.total_archived_files": "0",
"phar.usage_count": "0",
"php.config.entry_count": "0",
"php.project.file_count": "1",
"php.project.uses_composer": "true",
"security.allow_url_fopen": "true",
"security.allow_url_include": "false",
"security.disabled_classes_count": "0",
"security.disabled_functions_count": "0",
"security.expose_php": "true",
"security.open_basedir": "false",
"session.cookie_httponly": "false",
"session.cookie_secure": "false",
"session.save_handler": "files",
"surface.cli_command_count": "0",
"surface.controller_count": "0",
"surface.cron_job_count": "0",
"surface.event_listener_count": "0",
"surface.http_methods": "",
"surface.middleware_count": "0",
"surface.protected_routes": "0",
"surface.public_routes": "0",
"surface.route_count": "0",
"upload.enabled": "true",
"upload.max_file_size": "2M",
"upload.max_files": "20",
"upload.max_post_size": "8M"
},
"evidence": [
{
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "1\u002B1 packages",
"sha256": "885d825c2fcde1ce56a468ef193ef63a815d357f11465e29f382d9777d9a5706"
}
]
},
{
"analyzerId": "php",
"componentKey": "purl::pkg:composer/laravel/framework@10.48.7",
@@ -10,7 +104,7 @@
"metadata": {
"composer.autoload.classmap": "src/Illuminate/Support/helpers.php",
"composer.autoload.files": "src/Illuminate/Foundation/helpers.php",
"composer.autoload.psr4": "Illuminate\\->src/Illuminate;Laravel\\->src/Laravel;Laravel\\->src/Laravel/Support",
"composer.autoload.psr4": "Illuminate\\-\u003Esrc/Illuminate;Laravel\\-\u003Esrc/Laravel;Laravel\\-\u003Esrc/Laravel/Support",
"composer.content_hash": "e01f9b7d7f4b23a6d1ad3b8e91c1c4ae",
"composer.dev": "false",
"composer.dist.sha256": "6f1b4c0908a5c2fdc3fbc0351d1a8f5f",
@@ -41,7 +135,7 @@
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.files": "src/Framework/Assert/Functions.php",
"composer.autoload.psr4": "PHPUnit\\Framework\\->src/Framework",
"composer.autoload.psr4": "PHPUnit\\Framework\\-\u003Esrc/Framework",
"composer.content_hash": "e01f9b7d7f4b23a6d1ad3b8e91c1c4ae",
"composer.dev": "true",
"composer.plugin_api_version": "2.6.0",
@@ -60,4 +154,4 @@
}
]
}
]
]

129
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests/Fixtures/lang/php/container/expected.json
View File

@@ -1,4 +1,98 @@
[
{
"analyzerId": "php",
"componentKey": "php::project-summary",
"name": "PHP Project Summary",
"type": "php-project",
"usedByEntrypoint": false,
"metadata": {
"autoload.bin_count": "0",
"autoload.classmap_count": "0",
"autoload.edge_count": "0",
"autoload.files_count": "0",
"autoload.plugin_count": "0",
"autoload.psr0_count": "0",
"autoload.psr4_count": "0",
"capability.critical_risk_count": "0",
"capability.has_crypto": "false",
"capability.has_database": "false",
"capability.has_dynamic_code": "false",
"capability.has_environment": "false",
"capability.has_exec": "false",
"capability.has_filesystem": "false",
"capability.has_network": "false",
"capability.has_reflection": "false",
"capability.has_serialization": "false",
"capability.has_session": "false",
"capability.has_stream_wrapper": "false",
"capability.has_upload": "false",
"capability.high_risk_count": "0",
"capability.low_risk_count": "0",
"capability.medium_risk_count": "0",
"capability.total_count": "0",
"capability.unique_function_count": "0",
"conflict.count": "0",
"conflict.detected": "false",
"env.extension_count": "13",
"env.extensions_core": "11",
"env.extensions_crypto": "1",
"env.extensions_text": "1",
"error.display_errors": "false",
"error.display_startup_errors": "false",
"error.log_errors": "true",
"ffi.detected": "false",
"ffi.enabled_setting": "unknown",
"ffi.usage_count": "0",
"include.bootstrap_chain_count": "0",
"include.dynamic_count": "0",
"include.edge_count": "0",
"include.include_count": "0",
"include.require_count": "0",
"include.static_count": "0",
"limits.max_execution_time": "30",
"limits.max_input_time": "60",
"limits.max_input_vars": "1000",
"limits.memory_limit": "128M",
"phar.archive_count": "0",
"phar.archives_with_vendor": "0",
"phar.total_archived_files": "0",
"phar.usage_count": "0",
"php.config.entry_count": "0",
"php.project.file_count": "1",
"php.project.uses_composer": "true",
"security.allow_url_fopen": "true",
"security.allow_url_include": "false",
"security.disabled_classes_count": "0",
"security.disabled_functions_count": "0",
"security.expose_php": "true",
"security.open_basedir": "false",
"session.cookie_httponly": "false",
"session.cookie_secure": "false",
"session.save_handler": "files",
"surface.cli_command_count": "0",
"surface.controller_count": "0",
"surface.cron_job_count": "0",
"surface.event_listener_count": "0",
"surface.http_methods": "",
"surface.middleware_count": "0",
"surface.protected_routes": "0",
"surface.public_routes": "0",
"surface.route_count": "0",
"upload.enabled": "true",
"upload.max_file_size": "2M",
"upload.max_files": "20",
"upload.max_post_size": "8M"
},
"evidence": [
{
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "6\u002B1 packages",
"sha256": "5f813aa4438f14fbe5bb3a8b3b88aa4a482d88cf5063f33ae3c4921e6aac98ab"
}
]
},
{
"analyzerId": "php",
"componentKey": "purl::pkg:composer/ext-mongodb@1.17.0",
@@ -10,6 +104,7 @@
"metadata": {
"composer.content_hash": "f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0e1",
"composer.dev": "false",
"composer.dist.url": "https://pecl.php.net/get/mongodb-1.17.0.tgz",
"composer.plugin_api_version": "2.6.0",
"composer.type": "php-ext"
},
@@ -18,7 +113,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "ext-mongodb@1.17.0"
"value": "ext-mongodb@1.17.0",
"sha256": "5f813aa4438f14fbe5bb3a8b3b88aa4a482d88cf5063f33ae3c4921e6aac98ab"
}
]
},
@@ -33,6 +129,7 @@
"metadata": {
"composer.content_hash": "f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0e1",
"composer.dev": "false",
"composer.dist.url": "https://pecl.php.net/get/redis-6.0.2.tgz",
"composer.plugin_api_version": "2.6.0",
"composer.type": "php-ext"
},
@@ -41,7 +138,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "ext-redis@6.0.2"
"value": "ext-redis@6.0.2",
"sha256": "5f813aa4438f14fbe5bb3a8b3b88aa4a482d88cf5063f33ae3c4921e6aac98ab"
}
]
},
@@ -55,7 +153,7 @@
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.files": "src/functions.php",
"composer.autoload.psr4": "MongoDB\\->src/",
"composer.autoload.psr4": "MongoDB\\-\u003Esrc/",
"composer.content_hash": "f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0e1",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -68,7 +166,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "mongodb/mongodb@1.17.0"
"value": "mongodb/mongodb@1.17.0",
"sha256": "5f813aa4438f14fbe5bb3a8b3b88aa4a482d88cf5063f33ae3c4921e6aac98ab"
}
]
},
@@ -81,7 +180,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "PHPUnit\\->src/",
"composer.autoload.psr4": "PHPUnit\\-\u003Esrc/",
"composer.content_hash": "f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0e1",
"composer.dev": "true",
"composer.plugin_api_version": "2.6.0",
@@ -95,7 +194,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "phpunit/phpunit@10.5.5"
"value": "phpunit/phpunit@10.5.5",
"sha256": "5f813aa4438f14fbe5bb3a8b3b88aa4a482d88cf5063f33ae3c4921e6aac98ab"
}
]
},
@@ -108,7 +208,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Predis\\->src/",
"composer.autoload.psr4": "Predis\\-\u003Esrc/",
"composer.content_hash": "f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0e1",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -121,7 +221,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "predis/predis@2.2.2"
"value": "predis/predis@2.2.2",
"sha256": "5f813aa4438f14fbe5bb3a8b3b88aa4a482d88cf5063f33ae3c4921e6aac98ab"
}
]
},
@@ -134,7 +235,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Psr\\Http\\Message\\->src/",
"composer.autoload.psr4": "Psr\\Http\\Message\\-\u003Esrc/",
"composer.content_hash": "f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0e1",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -147,7 +248,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "psr/http-message@2.0.0"
"value": "psr/http-message@2.0.0",
"sha256": "5f813aa4438f14fbe5bb3a8b3b88aa4a482d88cf5063f33ae3c4921e6aac98ab"
}
]
},
@@ -160,7 +262,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Slim\\->Slim",
"composer.autoload.psr4": "Slim\\-\u003ESlim",
"composer.content_hash": "f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0e1",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -174,8 +276,9 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "slim/slim@4.12.0"
"value": "slim/slim@4.12.0",
"sha256": "5f813aa4438f14fbe5bb3a8b3b88aa4a482d88cf5063f33ae3c4921e6aac98ab"
}
]
}
]
]

136
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests/Fixtures/lang/php/laravel-extended/expected.json
View File

@@ -1,4 +1,98 @@
[
{
"analyzerId": "php",
"componentKey": "php::project-summary",
"name": "PHP Project Summary",
"type": "php-project",
"usedByEntrypoint": false,
"metadata": {
"autoload.bin_count": "0",
"autoload.classmap_count": "0",
"autoload.edge_count": "0",
"autoload.files_count": "0",
"autoload.plugin_count": "0",
"autoload.psr0_count": "0",
"autoload.psr4_count": "0",
"capability.critical_risk_count": "0",
"capability.has_crypto": "false",
"capability.has_database": "false",
"capability.has_dynamic_code": "false",
"capability.has_environment": "false",
"capability.has_exec": "false",
"capability.has_filesystem": "false",
"capability.has_network": "false",
"capability.has_reflection": "false",
"capability.has_serialization": "false",
"capability.has_session": "false",
"capability.has_stream_wrapper": "false",
"capability.has_upload": "false",
"capability.high_risk_count": "0",
"capability.low_risk_count": "0",
"capability.medium_risk_count": "0",
"capability.total_count": "0",
"capability.unique_function_count": "0",
"conflict.count": "0",
"conflict.detected": "false",
"env.extension_count": "13",
"env.extensions_core": "11",
"env.extensions_crypto": "1",
"env.extensions_text": "1",
"error.display_errors": "false",
"error.display_startup_errors": "false",
"error.log_errors": "true",
"ffi.detected": "false",
"ffi.enabled_setting": "unknown",
"ffi.usage_count": "0",
"include.bootstrap_chain_count": "0",
"include.dynamic_count": "0",
"include.edge_count": "0",
"include.include_count": "0",
"include.require_count": "0",
"include.static_count": "0",
"limits.max_execution_time": "30",
"limits.max_input_time": "60",
"limits.max_input_vars": "1000",
"limits.memory_limit": "128M",
"phar.archive_count": "0",
"phar.archives_with_vendor": "0",
"phar.total_archived_files": "0",
"phar.usage_count": "0",
"php.config.entry_count": "0",
"php.project.file_count": "1",
"php.project.uses_composer": "true",
"security.allow_url_fopen": "true",
"security.allow_url_include": "false",
"security.disabled_classes_count": "0",
"security.disabled_functions_count": "0",
"security.expose_php": "true",
"security.open_basedir": "false",
"session.cookie_httponly": "false",
"session.cookie_secure": "false",
"session.save_handler": "files",
"surface.cli_command_count": "0",
"surface.controller_count": "0",
"surface.cron_job_count": "0",
"surface.event_listener_count": "0",
"surface.http_methods": "",
"surface.middleware_count": "0",
"surface.protected_routes": "0",
"surface.public_routes": "0",
"surface.route_count": "0",
"upload.enabled": "true",
"upload.max_file_size": "2M",
"upload.max_files": "20",
"upload.max_post_size": "8M"
},
"evidence": [
{
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "5\u002B3 packages",
"sha256": "ee160d98b55bcba1fe06bce503efd1953b36f8b3213b5b04bab3c70ec1a80fc8"
}
]
},
{
"analyzerId": "php",
"componentKey": "purl::pkg:composer/fakerphp/faker@1.23.1",
@@ -8,7 +102,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Faker\\->src/Faker/",
"composer.autoload.psr4": "Faker\\-\u003Esrc/Faker/",
"composer.content_hash": "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
"composer.dev": "true",
"composer.plugin_api_version": "2.6.0",
@@ -21,7 +115,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "fakerphp/faker@1.23.1"
"value": "fakerphp/faker@1.23.1",
"sha256": "ee160d98b55bcba1fe06bce503efd1953b36f8b3213b5b04bab3c70ec1a80fc8"
}
]
},
@@ -35,7 +130,7 @@
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.files": "src/functions_include.php",
"composer.autoload.psr4": "GuzzleHttp\\->src/",
"composer.autoload.psr4": "GuzzleHttp\\-\u003Esrc/",
"composer.content_hash": "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -48,7 +143,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "guzzlehttp/guzzle@7.8.1"
"value": "guzzlehttp/guzzle@7.8.1",
"sha256": "ee160d98b55bcba1fe06bce503efd1953b36f8b3213b5b04bab3c70ec1a80fc8"
}
]
},
@@ -62,7 +158,7 @@
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.files": "src/Illuminate/Foundation/helpers.php;src/Illuminate/Support/helpers.php",
"composer.autoload.psr4": "Illuminate\\->src/Illuminate",
"composer.autoload.psr4": "Illuminate\\-\u003Esrc/Illuminate",
"composer.content_hash": "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
"composer.dev": "false",
"composer.dist.sha256": "a1b2c3d4e5f6a7b8c9d0",
@@ -78,7 +174,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "laravel/framework@11.0.0"
"value": "laravel/framework@11.0.0",
"sha256": "ee160d98b55bcba1fe06bce503efd1953b36f8b3213b5b04bab3c70ec1a80fc8"
}
]
},
@@ -92,7 +189,7 @@
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.files": "library/helpers.php",
"composer.autoload.psr4": "Mockery\\->library/Mockery",
"composer.autoload.psr4": "Mockery\\-\u003Elibrary/Mockery",
"composer.content_hash": "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
"composer.dev": "true",
"composer.plugin_api_version": "2.6.0",
@@ -105,7 +202,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "mockery/mockery@1.6.7"
"value": "mockery/mockery@1.6.7",
"sha256": "ee160d98b55bcba1fe06bce503efd1953b36f8b3213b5b04bab3c70ec1a80fc8"
}
]
},
@@ -118,7 +216,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Monolog\\->src/Monolog",
"composer.autoload.psr4": "Monolog\\-\u003Esrc/Monolog",
"composer.content_hash": "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -131,7 +229,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "monolog/monolog@3.5.0"
"value": "monolog/monolog@3.5.0",
"sha256": "ee160d98b55bcba1fe06bce503efd1953b36f8b3213b5b04bab3c70ec1a80fc8"
}
]
},
@@ -145,7 +244,7 @@
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.classmap": "src/Framework/Assert.php",
"composer.autoload.psr4": "PHPUnit\\->src/",
"composer.autoload.psr4": "PHPUnit\\-\u003Esrc/",
"composer.content_hash": "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
"composer.dev": "true",
"composer.plugin_api_version": "2.6.0",
@@ -159,7 +258,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "phpunit/phpunit@11.0.0"
"value": "phpunit/phpunit@11.0.0",
"sha256": "ee160d98b55bcba1fe06bce503efd1953b36f8b3213b5b04bab3c70ec1a80fc8"
}
]
},
@@ -172,7 +272,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Psr\\Log\\->src",
"composer.autoload.psr4": "Psr\\Log\\-\u003Esrc",
"composer.content_hash": "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -185,7 +285,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "psr/log@3.0.0"
"value": "psr/log@3.0.0",
"sha256": "ee160d98b55bcba1fe06bce503efd1953b36f8b3213b5b04bab3c70ec1a80fc8"
}
]
},
@@ -198,7 +299,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Dotenv\\->src/",
"composer.autoload.psr4": "Dotenv\\-\u003Esrc/",
"composer.content_hash": "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -211,8 +312,9 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "vlucas/phpdotenv@5.6.0"
"value": "vlucas/phpdotenv@5.6.0",
"sha256": "ee160d98b55bcba1fe06bce503efd1953b36f8b3213b5b04bab3c70ec1a80fc8"
}
]
}
]
]

105
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests/Fixtures/lang/php/legacy/expected.json
View File

@@ -1,4 +1,98 @@
[
{
"analyzerId": "php",
"componentKey": "php::project-summary",
"name": "PHP Project Summary",
"type": "php-project",
"usedByEntrypoint": false,
"metadata": {
"autoload.bin_count": "0",
"autoload.classmap_count": "0",
"autoload.edge_count": "0",
"autoload.files_count": "0",
"autoload.plugin_count": "0",
"autoload.psr0_count": "0",
"autoload.psr4_count": "0",
"capability.critical_risk_count": "0",
"capability.has_crypto": "false",
"capability.has_database": "false",
"capability.has_dynamic_code": "false",
"capability.has_environment": "false",
"capability.has_exec": "false",
"capability.has_filesystem": "false",
"capability.has_network": "false",
"capability.has_reflection": "false",
"capability.has_serialization": "false",
"capability.has_session": "false",
"capability.has_stream_wrapper": "false",
"capability.has_upload": "false",
"capability.high_risk_count": "0",
"capability.low_risk_count": "0",
"capability.medium_risk_count": "0",
"capability.total_count": "0",
"capability.unique_function_count": "0",
"conflict.count": "0",
"conflict.detected": "false",
"env.extension_count": "13",
"env.extensions_core": "11",
"env.extensions_crypto": "1",
"env.extensions_text": "1",
"error.display_errors": "false",
"error.display_startup_errors": "false",
"error.log_errors": "true",
"ffi.detected": "false",
"ffi.enabled_setting": "unknown",
"ffi.usage_count": "0",
"include.bootstrap_chain_count": "0",
"include.dynamic_count": "0",
"include.edge_count": "0",
"include.include_count": "0",
"include.require_count": "0",
"include.static_count": "0",
"limits.max_execution_time": "30",
"limits.max_input_time": "60",
"limits.max_input_vars": "1000",
"limits.memory_limit": "128M",
"phar.archive_count": "0",
"phar.archives_with_vendor": "0",
"phar.total_archived_files": "0",
"phar.usage_count": "0",
"php.config.entry_count": "0",
"php.project.file_count": "1",
"php.project.uses_composer": "true",
"security.allow_url_fopen": "true",
"security.allow_url_include": "false",
"security.disabled_classes_count": "0",
"security.disabled_functions_count": "0",
"security.expose_php": "true",
"security.open_basedir": "false",
"session.cookie_httponly": "false",
"session.cookie_secure": "false",
"session.save_handler": "files",
"surface.cli_command_count": "0",
"surface.controller_count": "0",
"surface.cron_job_count": "0",
"surface.event_listener_count": "0",
"surface.http_methods": "",
"surface.middleware_count": "0",
"surface.protected_routes": "0",
"surface.public_routes": "0",
"surface.route_count": "0",
"upload.enabled": "true",
"upload.max_file_size": "2M",
"upload.max_files": "20",
"upload.max_post_size": "8M"
},
"evidence": [
{
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "3\u002B0 packages",
"sha256": "5a2a5a9e653654392cfdb23d7d7b980bad1be38cd91fd324d966dd913be1894b"
}
]
},
{
"analyzerId": "php",
"componentKey": "purl::pkg:composer/pear/mail@1.6.0",
@@ -21,7 +115,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "pear/mail@1.6.0"
"value": "pear/mail@1.6.0",
"sha256": "5a2a5a9e653654392cfdb23d7d7b980bad1be38cd91fd324d966dd913be1894b"
}
]
},
@@ -47,7 +142,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "phpmailer/phpmailer@5.2.28"
"value": "phpmailer/phpmailer@5.2.28",
"sha256": "5a2a5a9e653654392cfdb23d7d7b980bad1be38cd91fd324d966dd913be1894b"
}
]
},
@@ -72,8 +168,9 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "zendframework/zend-mvc@2.7.0"
"value": "zendframework/zend-mvc@2.7.0",
"sha256": "5a2a5a9e653654392cfdb23d7d7b980bad1be38cd91fd324d966dd913be1894b"
}
]
}
]
]

119
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests/Fixtures/lang/php/phar/expected.json
View File

@@ -1,4 +1,98 @@
[
{
"analyzerId": "php",
"componentKey": "php::project-summary",
"name": "PHP Project Summary",
"type": "php-project",
"usedByEntrypoint": false,
"metadata": {
"autoload.bin_count": "0",
"autoload.classmap_count": "0",
"autoload.edge_count": "0",
"autoload.files_count": "0",
"autoload.plugin_count": "0",
"autoload.psr0_count": "0",
"autoload.psr4_count": "0",
"capability.critical_risk_count": "0",
"capability.has_crypto": "false",
"capability.has_database": "false",
"capability.has_dynamic_code": "false",
"capability.has_environment": "false",
"capability.has_exec": "false",
"capability.has_filesystem": "false",
"capability.has_network": "false",
"capability.has_reflection": "false",
"capability.has_serialization": "false",
"capability.has_session": "false",
"capability.has_stream_wrapper": "false",
"capability.has_upload": "false",
"capability.high_risk_count": "0",
"capability.low_risk_count": "0",
"capability.medium_risk_count": "0",
"capability.total_count": "0",
"capability.unique_function_count": "0",
"conflict.count": "0",
"conflict.detected": "false",
"env.extension_count": "13",
"env.extensions_core": "11",
"env.extensions_crypto": "1",
"env.extensions_text": "1",
"error.display_errors": "false",
"error.display_startup_errors": "false",
"error.log_errors": "true",
"ffi.detected": "false",
"ffi.enabled_setting": "unknown",
"ffi.usage_count": "0",
"include.bootstrap_chain_count": "0",
"include.dynamic_count": "0",
"include.edge_count": "0",
"include.include_count": "0",
"include.require_count": "0",
"include.static_count": "0",
"limits.max_execution_time": "30",
"limits.max_input_time": "60",
"limits.max_input_vars": "1000",
"limits.memory_limit": "128M",
"phar.archive_count": "0",
"phar.archives_with_vendor": "0",
"phar.total_archived_files": "0",
"phar.usage_count": "0",
"php.config.entry_count": "0",
"php.project.file_count": "1",
"php.project.uses_composer": "true",
"security.allow_url_fopen": "true",
"security.allow_url_include": "false",
"security.disabled_classes_count": "0",
"security.disabled_functions_count": "0",
"security.expose_php": "true",
"security.open_basedir": "false",
"session.cookie_httponly": "false",
"session.cookie_secure": "false",
"session.save_handler": "files",
"surface.cli_command_count": "0",
"surface.controller_count": "0",
"surface.cron_job_count": "0",
"surface.event_listener_count": "0",
"surface.http_methods": "",
"surface.middleware_count": "0",
"surface.protected_routes": "0",
"surface.public_routes": "0",
"surface.route_count": "0",
"upload.enabled": "true",
"upload.max_file_size": "2M",
"upload.max_files": "20",
"upload.max_post_size": "8M"
},
"evidence": [
{
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "4\u002B1 packages",
"sha256": "ad034928dcc559b03ed90036d87849a60051bca7190aa01ca8085d5363f4eb5a"
}
]
},
{
"analyzerId": "php",
"componentKey": "purl::pkg:composer/composer/composer@2.6.6",
@@ -8,7 +102,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Composer\\->src/Composer",
"composer.autoload.psr4": "Composer\\-\u003Esrc/Composer",
"composer.content_hash": "e5f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -21,7 +115,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "composer/composer@2.6.6"
"value": "composer/composer@2.6.6",
"sha256": "ad034928dcc559b03ed90036d87849a60051bca7190aa01ca8085d5363f4eb5a"
}
]
},
@@ -34,7 +129,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "PharIo\\Manifest\\->src/",
"composer.autoload.psr4": "PharIo\\Manifest\\-\u003Esrc/",
"composer.content_hash": "e5f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -47,7 +142,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "phar-io/manifest@2.0.3"
"value": "phar-io/manifest@2.0.3",
"sha256": "ad034928dcc559b03ed90036d87849a60051bca7190aa01ca8085d5363f4eb5a"
}
]
},
@@ -60,7 +156,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "PharIo\\Version\\->src/",
"composer.autoload.psr4": "PharIo\\Version\\-\u003Esrc/",
"composer.content_hash": "e5f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -73,7 +169,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "phar-io/version@3.2.1"
"value": "phar-io/version@3.2.1",
"sha256": "ad034928dcc559b03ed90036d87849a60051bca7190aa01ca8085d5363f4eb5a"
}
]
},
@@ -100,7 +197,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "phpstan/phpstan@1.10.50"
"value": "phpstan/phpstan@1.10.50",
"sha256": "ad034928dcc559b03ed90036d87849a60051bca7190aa01ca8085d5363f4eb5a"
}
]
},
@@ -113,7 +211,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "PHPUnit\\->src/",
"composer.autoload.psr4": "PHPUnit\\-\u003Esrc/",
"composer.content_hash": "e5f6a7b8c9d0e1f2a3b4c5d6a7b8c9d0",
"composer.dev": "true",
"composer.plugin_api_version": "2.6.0",
@@ -127,8 +225,9 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "phpunit/phpunit@10.5.5"
"value": "phpunit/phpunit@10.5.5",
"sha256": "ad034928dcc559b03ed90036d87849a60051bca7190aa01ca8085d5363f4eb5a"
}
]
}
]
]

131
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests/Fixtures/lang/php/symfony/expected.json
View File

@@ -1,4 +1,98 @@
[
{
"analyzerId": "php",
"componentKey": "php::project-summary",
"name": "PHP Project Summary",
"type": "php-project",
"usedByEntrypoint": false,
"metadata": {
"autoload.bin_count": "0",
"autoload.classmap_count": "0",
"autoload.edge_count": "0",
"autoload.files_count": "0",
"autoload.plugin_count": "0",
"autoload.psr0_count": "0",
"autoload.psr4_count": "0",
"capability.critical_risk_count": "0",
"capability.has_crypto": "false",
"capability.has_database": "false",
"capability.has_dynamic_code": "false",
"capability.has_environment": "false",
"capability.has_exec": "false",
"capability.has_filesystem": "false",
"capability.has_network": "false",
"capability.has_reflection": "false",
"capability.has_serialization": "false",
"capability.has_session": "false",
"capability.has_stream_wrapper": "false",
"capability.has_upload": "false",
"capability.high_risk_count": "0",
"capability.low_risk_count": "0",
"capability.medium_risk_count": "0",
"capability.total_count": "0",
"capability.unique_function_count": "0",
"conflict.count": "0",
"conflict.detected": "false",
"env.extension_count": "13",
"env.extensions_core": "11",
"env.extensions_crypto": "1",
"env.extensions_text": "1",
"error.display_errors": "false",
"error.display_startup_errors": "false",
"error.log_errors": "true",
"ffi.detected": "false",
"ffi.enabled_setting": "unknown",
"ffi.usage_count": "0",
"include.bootstrap_chain_count": "0",
"include.dynamic_count": "0",
"include.edge_count": "0",
"include.include_count": "0",
"include.require_count": "0",
"include.static_count": "0",
"limits.max_execution_time": "30",
"limits.max_input_time": "60",
"limits.max_input_vars": "1000",
"limits.memory_limit": "128M",
"phar.archive_count": "0",
"phar.archives_with_vendor": "0",
"phar.total_archived_files": "0",
"phar.usage_count": "0",
"php.config.entry_count": "0",
"php.project.file_count": "1",
"php.project.uses_composer": "true",
"security.allow_url_fopen": "true",
"security.allow_url_include": "false",
"security.disabled_classes_count": "0",
"security.disabled_functions_count": "0",
"security.expose_php": "true",
"security.open_basedir": "false",
"session.cookie_httponly": "false",
"session.cookie_secure": "false",
"session.save_handler": "files",
"surface.cli_command_count": "0",
"surface.controller_count": "0",
"surface.cron_job_count": "0",
"surface.event_listener_count": "0",
"surface.http_methods": "",
"surface.middleware_count": "0",
"surface.protected_routes": "0",
"surface.public_routes": "0",
"surface.route_count": "0",
"upload.enabled": "true",
"upload.max_file_size": "2M",
"upload.max_files": "20",
"upload.max_post_size": "8M"
},
"evidence": [
{
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "5\u002B2 packages",
"sha256": "28aab8390502e25fc7035ffb7d58d31d022f0523e5a9886b231e584944a8637b"
}
]
},
{
"analyzerId": "php",
"componentKey": "purl::pkg:composer/doctrine/orm@3.0.0",
@@ -8,7 +102,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Doctrine\\ORM\\->src",
"composer.autoload.psr4": "Doctrine\\ORM\\-\u003Esrc",
"composer.content_hash": "b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6a7",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -21,7 +115,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "doctrine/orm@3.0.0"
"value": "doctrine/orm@3.0.0",
"sha256": "28aab8390502e25fc7035ffb7d58d31d022f0523e5a9886b231e584944a8637b"
}
]
},
@@ -34,7 +129,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "PHPUnit\\->src/",
"composer.autoload.psr4": "PHPUnit\\-\u003Esrc/",
"composer.content_hash": "b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6a7",
"composer.dev": "true",
"composer.plugin_api_version": "2.6.0",
@@ -48,7 +143,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "phpunit/phpunit@10.5.0"
"value": "phpunit/phpunit@10.5.0",
"sha256": "28aab8390502e25fc7035ffb7d58d31d022f0523e5a9886b231e584944a8637b"
}
]
},
@@ -61,7 +157,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Symfony\\Component\\Console\\->",
"composer.autoload.psr4": "Symfony\\Component\\Console\\-\u003E",
"composer.content_hash": "b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6a7",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -74,7 +170,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "symfony/console@7.0.0"
"value": "symfony/console@7.0.0",
"sha256": "28aab8390502e25fc7035ffb7d58d31d022f0523e5a9886b231e584944a8637b"
}
]
},
@@ -87,7 +184,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Symfony\\Component\\HttpFoundation\\->",
"composer.autoload.psr4": "Symfony\\Component\\HttpFoundation\\-\u003E",
"composer.content_hash": "b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6a7",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -100,7 +197,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "symfony/http-foundation@7.0.0"
"value": "symfony/http-foundation@7.0.0",
"sha256": "28aab8390502e25fc7035ffb7d58d31d022f0523e5a9886b231e584944a8637b"
}
]
},
@@ -113,7 +211,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Symfony\\Bridge\\PhpUnit\\->",
"composer.autoload.psr4": "Symfony\\Bridge\\PhpUnit\\-\u003E",
"composer.content_hash": "b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6a7",
"composer.dev": "true",
"composer.plugin_api_version": "2.6.0",
@@ -126,7 +224,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "symfony/phpunit-bridge@7.0.0"
"value": "symfony/phpunit-bridge@7.0.0",
"sha256": "28aab8390502e25fc7035ffb7d58d31d022f0523e5a9886b231e584944a8637b"
}
]
},
@@ -140,7 +239,7 @@
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.classmap": "src/Symfony/Component/HttpKernel/Kernel.php",
"composer.autoload.psr4": "Symfony\\->src/Symfony",
"composer.autoload.psr4": "Symfony\\-\u003Esrc/Symfony",
"composer.content_hash": "b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6a7",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -154,7 +253,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "symfony/symfony@7.0.0"
"value": "symfony/symfony@7.0.0",
"sha256": "28aab8390502e25fc7035ffb7d58d31d022f0523e5a9886b231e584944a8637b"
}
]
},
@@ -167,7 +267,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Twig\\->src/",
"composer.autoload.psr4": "Twig\\-\u003Esrc/",
"composer.content_hash": "b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6a7",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -180,8 +280,9 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "twig/twig@3.8.0"
"value": "twig/twig@3.8.0",
"sha256": "28aab8390502e25fc7035ffb7d58d31d022f0523e5a9886b231e584944a8637b"
}
]
}
]
]

120
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests/Fixtures/lang/php/wordpress/expected.json
View File

@@ -1,4 +1,98 @@
[
{
"analyzerId": "php",
"componentKey": "php::project-summary",
"name": "PHP Project Summary",
"type": "php-project",
"usedByEntrypoint": false,
"metadata": {
"autoload.bin_count": "0",
"autoload.classmap_count": "0",
"autoload.edge_count": "0",
"autoload.files_count": "0",
"autoload.plugin_count": "0",
"autoload.psr0_count": "0",
"autoload.psr4_count": "0",
"capability.critical_risk_count": "0",
"capability.has_crypto": "false",
"capability.has_database": "false",
"capability.has_dynamic_code": "false",
"capability.has_environment": "false",
"capability.has_exec": "false",
"capability.has_filesystem": "false",
"capability.has_network": "false",
"capability.has_reflection": "false",
"capability.has_serialization": "false",
"capability.has_session": "false",
"capability.has_stream_wrapper": "false",
"capability.has_upload": "false",
"capability.high_risk_count": "0",
"capability.low_risk_count": "0",
"capability.medium_risk_count": "0",
"capability.total_count": "0",
"capability.unique_function_count": "0",
"conflict.count": "0",
"conflict.detected": "false",
"env.extension_count": "13",
"env.extensions_core": "11",
"env.extensions_crypto": "1",
"env.extensions_text": "1",
"error.display_errors": "false",
"error.display_startup_errors": "false",
"error.log_errors": "true",
"ffi.detected": "false",
"ffi.enabled_setting": "unknown",
"ffi.usage_count": "0",
"include.bootstrap_chain_count": "0",
"include.dynamic_count": "0",
"include.edge_count": "0",
"include.include_count": "0",
"include.require_count": "0",
"include.static_count": "0",
"limits.max_execution_time": "30",
"limits.max_input_time": "60",
"limits.max_input_vars": "1000",
"limits.memory_limit": "128M",
"phar.archive_count": "0",
"phar.archives_with_vendor": "0",
"phar.total_archived_files": "0",
"phar.usage_count": "0",
"php.config.entry_count": "0",
"php.project.file_count": "1",
"php.project.uses_composer": "true",
"security.allow_url_fopen": "true",
"security.allow_url_include": "false",
"security.disabled_classes_count": "0",
"security.disabled_functions_count": "0",
"security.expose_php": "true",
"security.open_basedir": "false",
"session.cookie_httponly": "false",
"session.cookie_secure": "false",
"session.save_handler": "files",
"surface.cli_command_count": "0",
"surface.controller_count": "0",
"surface.cron_job_count": "0",
"surface.event_listener_count": "0",
"surface.http_methods": "",
"surface.middleware_count": "0",
"surface.protected_routes": "0",
"surface.public_routes": "0",
"surface.route_count": "0",
"upload.enabled": "true",
"upload.max_file_size": "2M",
"upload.max_files": "20",
"upload.max_post_size": "8M"
},
"evidence": [
{
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "4\u002B2 packages",
"sha256": "029fc9d7ce2de4d695d7a339e24f46d959cf43031889db4f93502e70ce3dfb5e"
}
]
},
{
"analyzerId": "php",
"componentKey": "purl::pkg:composer/johnpbloch/wordpress-core-installer@2.0.0",
@@ -8,7 +102,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "johnpbloch\\Composer\\->src/",
"composer.autoload.psr4": "johnpbloch\\Composer\\-\u003Esrc/",
"composer.content_hash": "c3d4e5f6a7b8c9d0e1f2a3b4c5d6a7b8",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -21,7 +115,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "johnpbloch/wordpress-core-installer@2.0.0"
"value": "johnpbloch/wordpress-core-installer@2.0.0",
"sha256": "029fc9d7ce2de4d695d7a339e24f46d959cf43031889db4f93502e70ce3dfb5e"
}
]
},
@@ -34,7 +129,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "PHPUnit\\->src/",
"composer.autoload.psr4": "PHPUnit\\-\u003Esrc/",
"composer.content_hash": "c3d4e5f6a7b8c9d0e1f2a3b4c5d6a7b8",
"composer.dev": "true",
"composer.plugin_api_version": "2.6.0",
@@ -48,7 +143,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "phpunit/phpunit@9.6.15"
"value": "phpunit/phpunit@9.6.15",
"sha256": "029fc9d7ce2de4d695d7a339e24f46d959cf43031889db4f93502e70ce3dfb5e"
}
]
},
@@ -75,7 +171,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "wordpress/wordpress@6.4.2"
"value": "wordpress/wordpress@6.4.2",
"sha256": "029fc9d7ce2de4d695d7a339e24f46d959cf43031889db4f93502e70ce3dfb5e"
}
]
},
@@ -101,7 +198,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "wp-phpunit/wp-phpunit@6.4.2"
"value": "wp-phpunit/wp-phpunit@6.4.2",
"sha256": "029fc9d7ce2de4d695d7a339e24f46d959cf43031889db4f93502e70ce3dfb5e"
}
]
},
@@ -126,7 +224,8 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "wpackagist-plugin/advanced-custom-fields@6.2.4"
"value": "wpackagist-plugin/advanced-custom-fields@6.2.4",
"sha256": "029fc9d7ce2de4d695d7a339e24f46d959cf43031889db4f93502e70ce3dfb5e"
}
]
},
@@ -139,7 +238,7 @@
"type": "composer",
"usedByEntrypoint": false,
"metadata": {
"composer.autoload.psr4": "Automattic\\WooCommerce\\->src/",
"composer.autoload.psr4": "Automattic\\WooCommerce\\-\u003Esrc/",
"composer.content_hash": "c3d4e5f6a7b8c9d0e1f2a3b4c5d6a7b8",
"composer.dev": "false",
"composer.plugin_api_version": "2.6.0",
@@ -152,8 +251,9 @@
"kind": "file",
"source": "composer.lock",
"locator": "composer.lock",
"value": "wpackagist-plugin/woocommerce@8.4.0"
"value": "wpackagist-plugin/woocommerce@8.4.0",
"sha256": "029fc9d7ce2de4d695d7a339e24f46d959cf43031889db4f93502e70ce3dfb5e"
}
]
}
]
]

4
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests/Internal/ComposerLockReaderTests.cs
View File

@@ -154,7 +154,7 @@ public sealed class ComposerLockReaderTests : IDisposable
var result = await ComposerLockData.LoadAsync(context, CancellationToken.None);
Assert.Single(result.Packages);
Assert.Equal("sha256hashhere", result.Packages[0].DistSha);
Assert.Equal("sha256hashhere", result.Packages[0].DistSha256);
Assert.Equal("https://packagist.org/vendor/package/1.0.0", result.Packages[0].DistUrl);
}
@@ -371,6 +371,6 @@ public sealed class ComposerLockReaderTests : IDisposable
private static LanguageAnalyzerContext CreateContext(string rootPath)
{
return new LanguageAnalyzerContext(rootPath);
return new LanguageAnalyzerContext(rootPath, TimeProvider.System);
}
}

2
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests/Internal/PhpCapabilityScannerTests.cs
View File

@@ -262,7 +262,7 @@ sodium_crypto_box($message, $nonce, $keyPair);
var result = PhpCapabilityScanner.ScanContent(content, "test.php");
Assert.NotEmpty(result);
Assert.All(result.Where(e => e.Kind == PhpCapabilityKind.Crypto && e.Pattern.StartsWith("sodium")),
Assert.All(result.Where(e => e.Kind == PhpCapabilityKind.Crypto && e.FunctionOrPattern.StartsWith("sodium")),
e => Assert.Equal(PhpCapabilityRisk.Low, e.Risk));
}

1
src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests/StellaOps.Scanner.Analyzers.Lang.Php.Tests.csproj
View File

@@ -33,6 +33,7 @@
<ProjectReference Include="../../__Libraries/StellaOps.Scanner.Analyzers.Lang/StellaOps.Scanner.Analyzers.Lang.csproj" />
<ProjectReference Include="../../__Libraries/StellaOps.Scanner.Analyzers.Lang.Php/StellaOps.Scanner.Analyzers.Lang.Php.csproj" />
<ProjectReference Include="../../__Libraries/StellaOps.Scanner.Core/StellaOps.Scanner.Core.csproj" />
<ProjectReference Include="../StellaOps.Scanner.Analyzers.Lang.Tests/StellaOps.Scanner.Analyzers.Lang.Tests.csproj" />
</ItemGroup>
<ItemGroup>