Add call graph fixtures for various languages and scenarios
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Findings Ledger CI / build-test (push) Has been cancelled
Findings Ledger CI / migration-validation (push) Has been cancelled
Findings Ledger CI / generate-manifest (push) Has been cancelled
Lighthouse CI / Lighthouse Audit (push) Has been cancelled
Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Reachability Corpus Validation / validate-corpus (push) Has been cancelled
Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Reachability Corpus Validation / determinism-check (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Findings Ledger CI / build-test (push) Has been cancelled
Findings Ledger CI / migration-validation (push) Has been cancelled
Findings Ledger CI / generate-manifest (push) Has been cancelled
Lighthouse CI / Lighthouse Audit (push) Has been cancelled
Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Reachability Corpus Validation / validate-corpus (push) Has been cancelled
Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Reachability Corpus Validation / determinism-check (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
- Introduced `all-edge-reasons.json` to test edge resolution reasons in .NET. - Added `all-visibility-levels.json` to validate method visibility levels in .NET. - Created `dotnet-aspnetcore-minimal.json` for a minimal ASP.NET Core application. - Included `go-gin-api.json` for a Go Gin API application structure. - Added `java-spring-boot.json` for the Spring PetClinic application in Java. - Introduced `legacy-no-schema.json` for legacy application structure without schema. - Created `node-express-api.json` for an Express.js API application structure.
This commit is contained in:
master
@@ -2,6 +2,20 @@
|
||||
|
||||
Offline/air-gapped usage patterns for the Stella CLI.
|
||||
|
||||
## Offline kit commands
|
||||
- Import an offline kit (local verification + activation)
|
||||
```bash
|
||||
stella offline import \
|
||||
--bundle ./bundle-2025-12-14.tar.zst \
|
||||
--verify-dsse \
|
||||
--verify-rekor \
|
||||
--trust-root /evidence/keys/roots/stella-root.pub
|
||||
```
|
||||
- Check current offline kit status
|
||||
```bash
|
||||
stella offline status --output table
|
||||
```
|
||||
|
||||
## Prerequisites
|
||||
- CLI installed from offline bundle; `local-nugets/` and cached plugins available.
|
||||
- Mirror/Bootstrap bundles staged locally; no external network required.
|
||||
|
||||
44
docs/modules/cli/guides/commands/offline.md
Normal file
44
docs/modules/cli/guides/commands/offline.md
Normal file
@@ -0,0 +1,44 @@
|
||||
# stella offline — Command Guide
|
||||
|
||||
## Overview
|
||||
|
||||
The `stella offline` command group manages air-gap “offline kits” locally, with verification (DSSE + optional Rekor receipt checks), monotonic version gating, and quarantine on validation failures.
|
||||
|
||||
## Commands
|
||||
|
||||
### `offline import`
|
||||
|
||||
```bash
|
||||
stella offline import \
|
||||
--bundle ./bundle-2025-12-14.tar.zst \
|
||||
--verify-dsse \
|
||||
--verify-rekor \
|
||||
--trust-root /evidence/keys/roots/stella-root.pub
|
||||
```
|
||||
|
||||
**Notes**
|
||||
- `--verify-dsse` defaults to `true` and requires `--trust-root`.
|
||||
- `--force-activate` requires `--force-reason` and records a non-monotonic activation override.
|
||||
- `--dry-run` validates the kit without activating it.
|
||||
- Uses the configured kits directory (default `offline-kits/`) for state (`offline-kits/.state/`) and quarantine (`offline-kits/quarantine/`).
|
||||
|
||||
### `offline status`
|
||||
|
||||
```bash
|
||||
stella offline status --output json
|
||||
```
|
||||
|
||||
Displays the currently active kit (if any), staleness, and quarantined bundle count.
|
||||
|
||||
## Exit codes
|
||||
|
||||
Offline exit codes are defined in `src/Cli/StellaOps.Cli/Commands/OfflineExitCodes.cs` (advisory A11), including:
|
||||
- `0` success
|
||||
- `1` file not found
|
||||
- `2` checksum mismatch
|
||||
- `5` DSSE verification failed
|
||||
- `6` Rekor verification failed
|
||||
- `8` version non-monotonic (not force-activated)
|
||||
- `11` validation failed
|
||||
- `130` cancelled
|
||||
|
||||
Reference in New Issue
Block a user