Add unit tests for AST parsing and security sink detection

- Created `StellaOps.AuditPack.Tests.csproj` for unit testing the AuditPack library. - Implemented comprehensive unit tests in `index.test.js` for AST parsing, covering various JavaScript and TypeScript constructs including functions, classes, decorators, and JSX. - Added `sink-detect.test.js` to test security sink detection patterns, validating command injection, SQL injection, file write, deserialization, SSRF, NoSQL injection, and more. - Included tests for taint source detection in various contexts such as Express, Koa, and AWS Lambda.
2025-12-23 09:23:42 +02:00
parent 7e384ab610
commit 56e2dc01ee
96 changed files with 8555 additions and 1455 deletions
--- a/src/Cli/__Libraries/StellaOps.Cli.Plugins.Symbols/SymbolsCliCommandModule.cs
+++ b/src/Cli/__Libraries/StellaOps.Cli.Plugins.Symbols/SymbolsCliCommandModule.cs
@@ -49,12 +49,11 @@ public sealed class SymbolsCliCommandModule : ICliCommandModule
    {
        var symbols = new Command("symbols", "Symbol ingestion and management commands.");

-        // Global options for symbols commands
+        // Dry run option shared by ingest and upload commands
        var dryRunOption = new Option<bool>("--dry-run")
        {
            Description = "Dry run mode - generate manifest without uploading"
        };
-        symbols.AddGlobalOption(dryRunOption);

        // Add subcommands
        symbols.Add(BuildIngestCommand(verboseOption, dryRunOption, cancellationToken));
@@ -75,7 +74,7 @@ public sealed class SymbolsCliCommandModule : ICliCommandModule
        var binaryOption = new Option<string>("--binary")
        {
            Description = "Path to the binary file",
-            IsRequired = true
+            Required = true
        };
        var debugOption = new Option<string?>("--debug")
        {
@@ -165,12 +164,12 @@ public sealed class SymbolsCliCommandModule : ICliCommandModule
        var manifestOption = new Option<string>("--manifest")
        {
            Description = "Path to manifest JSON file",
-            IsRequired = true
+            Required = true
        };
        var serverOption = new Option<string>("--server")
        {
            Description = "Symbols server URL",
-            IsRequired = true
+            Required = true
        };
        var tenantOption = new Option<string?>("--tenant")
        {
@@ -204,7 +203,7 @@ public sealed class SymbolsCliCommandModule : ICliCommandModule
        var pathOption = new Option<string>("--path")
        {
            Description = "Path to manifest or DSSE file",
-            IsRequired = true
+            Required = true
        };

        verify.Add(pathOption);
@@ -227,7 +226,7 @@ public sealed class SymbolsCliCommandModule : ICliCommandModule
        var serverOption = new Option<string>("--server")
        {
            Description = "Symbols server URL",
-            IsRequired = true
+            Required = true
        };

        health.Add(serverOption);