tests fixes and some product advisories tunes ups

2026-01-30 07:57:43 +02:00
parent 644887997c
commit 55744f6a39
345 changed files with 26290 additions and 2267 deletions
--- a/src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GroundTruth.Reproducible/BundleExportService.cs
+++ b/src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GroundTruth.Reproducible/BundleExportService.cs
@@ -28,12 +28,17 @@ public sealed class BundleExportService : IBundleExportService
    private readonly ILogger<BundleExportService> _logger;
    private readonly TimeProvider _timeProvider;

-    private static readonly JsonSerializerOptions JsonOptions = new()
+    private static readonly JsonSerializerOptions JsonWriteOptions = new()
    {
        WriteIndented = true,
        PropertyNamingPolicy = JsonNamingPolicy.CamelCase
    };

+    private static readonly JsonSerializerOptions JsonReadOptions = new()
+    {
+        PropertyNameCaseInsensitive = true
+    };
+
    /// <summary>
    /// Initializes a new instance of the <see cref="BundleExportService"/> class.
    /// </summary>
@@ -347,7 +352,7 @@ public sealed class BundleExportService : IBundleExportService
        };

        await using var stream = new MemoryStream();
-        await JsonSerializer.SerializeAsync(stream, sbom, JsonOptions, cancellationToken);
+        await JsonSerializer.SerializeAsync(stream, sbom, JsonWriteOptions, cancellationToken);
        return stream.ToArray();
    }

@@ -384,7 +389,7 @@ public sealed class BundleExportService : IBundleExportService
        };

        // Wrap in DSSE envelope format
-        var payload = JsonSerializer.SerializeToUtf8Bytes(predicate, JsonOptions);
+        var payload = JsonSerializer.SerializeToUtf8Bytes(predicate, JsonWriteOptions);
        var envelope = new
        {
            payloadType = "application/vnd.stella-ops.delta-sig+json",
@@ -393,7 +398,7 @@ public sealed class BundleExportService : IBundleExportService
        };

        await using var stream = new MemoryStream();
-        await JsonSerializer.SerializeAsync(stream, envelope, JsonOptions, cancellationToken);
+        await JsonSerializer.SerializeAsync(stream, envelope, JsonWriteOptions, cancellationToken);
        return stream.ToArray();
    }

@@ -534,7 +539,7 @@ public sealed class BundleExportService : IBundleExportService
            try
            {
                var json = File.ReadAllText(manifestPath);
-                var manifest = JsonSerializer.Deserialize<PairManifest>(json);
+                var manifest = JsonSerializer.Deserialize<PairManifest>(json, JsonReadOptions);
                if (manifest is not null)
                {
                    return new CorpusBinaryPair
@@ -736,7 +741,7 @@ public sealed class BundleExportService : IBundleExportService

        var kpiPath = Path.Combine(kpisDir, "kpis.json");
        await using var stream = File.Create(kpiPath);
-        await JsonSerializer.SerializeAsync(stream, kpiExport, JsonOptions, ct);
+        await JsonSerializer.SerializeAsync(stream, kpiExport, JsonWriteOptions, ct);
    }

    private async Task<BundleManifestInfo> CreateManifestAsync(
@@ -777,7 +782,7 @@ public sealed class BundleExportService : IBundleExportService
        };

        var manifestPath = Path.Combine(stagingDir, "manifest.json");
-        var bytes = JsonSerializer.SerializeToUtf8Bytes(manifest, JsonOptions);
+        var bytes = JsonSerializer.SerializeToUtf8Bytes(manifest, JsonWriteOptions);
        await File.WriteAllBytesAsync(manifestPath, bytes, ct);

        var digest = ComputeHash(bytes);
@@ -804,7 +809,7 @@ public sealed class BundleExportService : IBundleExportService
            message = "Signing integration pending"
        };

-        return File.WriteAllTextAsync(signaturePath, JsonSerializer.Serialize(placeholder, JsonOptions), ct);
+        return File.WriteAllTextAsync(signaturePath, JsonSerializer.Serialize(placeholder, JsonWriteOptions), ct);
    }

    private static async Task CreateTarballAsync(string sourceDir, string outputPath, CancellationToken ct)
--- a/src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GroundTruth.Reproducible/BundleImportService.cs
+++ b/src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GroundTruth.Reproducible/BundleImportService.cs
@@ -172,8 +172,13 @@ public sealed class BundleImportService : IBundleImportService

                    if (!digestResult.Passed)
                    {
-                        return BundleImportResult.Failed(
-                            $"Digest verification failed: {digestResult.Mismatches.Length} mismatches");
+                        return new BundleImportResult
+                        {
+                            Success = false,
+                            OverallStatus = VerificationStatus.Failed,
+                            DigestResult = digestResult,
+                            Error = $"Digest verification failed: {digestResult.Mismatches.Length} mismatches"
+                        };
                    }
                }

--- a/src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GroundTruth.Reproducible/SbomStabilityValidator.cs
+++ b/src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GroundTruth.Reproducible/SbomStabilityValidator.cs
@@ -303,6 +303,11 @@ public sealed class SbomStabilityValidator : ISbomStabilityValidator
                Duration = stopwatch.Elapsed
            };
        }
+        catch (OperationCanceledException)
+        {
+            _logger.LogWarning("SBOM stability validation was cancelled");
+            throw;
+        }
        catch (Exception ex)
        {
            _logger.LogError(ex, "SBOM stability validation failed");