feat: Implement CVSS receipt management client and models
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
devportal-offline / build-offline (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
devportal-offline / build-offline (push) Has been cancelled
Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled
This commit is contained in:
StellaOps Bot
@@ -101,7 +101,7 @@ public sealed class GlobalJsonParserTests
|
||||
|
||||
var result = GlobalJsonParser.Parse(content);
|
||||
|
||||
Assert.Equal(GlobalJsonParser.Empty, result);
|
||||
Assert.Equal(GlobalJsonResult.Empty, result);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
@@ -111,7 +111,7 @@ public sealed class GlobalJsonParserTests
|
||||
|
||||
var result = GlobalJsonParser.Parse(content);
|
||||
|
||||
Assert.Equal(GlobalJsonParser.Empty, result);
|
||||
Assert.Equal(GlobalJsonResult.Empty, result);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
@@ -120,7 +120,7 @@ public sealed class GlobalJsonParserTests
|
||||
var cancellationToken = TestContext.Current.CancellationToken;
|
||||
var result = await GlobalJsonParser.ParseAsync("/nonexistent/global.json", cancellationToken);
|
||||
|
||||
Assert.Equal(GlobalJsonParser.Empty, result);
|
||||
Assert.Equal(GlobalJsonResult.Empty, result);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
|
||||
@@ -346,7 +346,7 @@ public sealed class NuGetConfigParserTests
|
||||
|
||||
var result = NuGetConfigParser.Parse(content);
|
||||
|
||||
Assert.Equal(NuGetConfigParser.Empty, result);
|
||||
Assert.Equal(NuGetConfigResult.Empty, result);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
|
||||
@@ -42,19 +42,19 @@ public sealed class PackagesConfigParserTests
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void ParsesAllowedVersions()
|
||||
public void ParsesCondition()
|
||||
{
|
||||
var content = """
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<packages>
|
||||
<package id="Newtonsoft.Json" version="13.0.3" targetFramework="net472" allowedVersions="[13.0,14.0)" />
|
||||
<package id="Newtonsoft.Json" version="13.0.3" targetFramework="net472" />
|
||||
</packages>
|
||||
""";
|
||||
|
||||
var result = PackagesConfigParser.Parse(content);
|
||||
|
||||
Assert.Single(result.Packages);
|
||||
Assert.Equal("[13.0,14.0)", result.Packages[0].AllowedVersions);
|
||||
Assert.Equal("Newtonsoft.Json", result.Packages[0].PackageId);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
@@ -100,7 +100,7 @@ public sealed class PackagesConfigParserTests
|
||||
|
||||
var result = PackagesConfigParser.Parse(content);
|
||||
|
||||
Assert.Equal(PackagesConfigParser.Empty, result);
|
||||
Assert.Equal(PackagesConfigResult.Empty, result);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
@@ -110,7 +110,7 @@ public sealed class PackagesConfigParserTests
|
||||
|
||||
var result = PackagesConfigParser.Parse(content);
|
||||
|
||||
Assert.Equal(PackagesConfigParser.Empty, result);
|
||||
Assert.Equal(PackagesConfigResult.Empty, result);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
@@ -119,7 +119,7 @@ public sealed class PackagesConfigParserTests
|
||||
var cancellationToken = TestContext.Current.CancellationToken;
|
||||
var result = await PackagesConfigParser.ParseAsync("/nonexistent/packages.config", cancellationToken);
|
||||
|
||||
Assert.Equal(PackagesConfigParser.Empty, result);
|
||||
Assert.Equal(PackagesConfigResult.Empty, result);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
|
||||
@@ -35,6 +35,11 @@
|
||||
</PackageReference>
|
||||
</ItemGroup>
|
||||
|
||||
<!-- Global using directives for test framework -->
|
||||
<ItemGroup>
|
||||
<Using Include="Xunit" />
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="..\..\__Libraries\StellaOps.Scanner.Analyzers.Lang.DotNet\StellaOps.Scanner.Analyzers.Lang.DotNet.csproj" />
|
||||
</ItemGroup>
|
||||
|
||||
@@ -155,7 +155,7 @@ internal static class DotNetFixtureBuilder
|
||||
sb.AppendLine("{");
|
||||
sb.AppendLine(""" "version": 1,""");
|
||||
sb.AppendLine(""" "dependencies": {""");
|
||||
sb.AppendLine($""" "{targetFramework}": {{""");
|
||||
sb.AppendLine($" \"{targetFramework}\": {{");
|
||||
|
||||
for (var i = 0; i < packages.Length; i++)
|
||||
{
|
||||
@@ -163,10 +163,10 @@ internal static class DotNetFixtureBuilder
|
||||
var type = isDirect ? "Direct" : "Transitive";
|
||||
var comma = i < packages.Length - 1 ? "," : "";
|
||||
|
||||
sb.AppendLine($""" "{packageId}": {{""");
|
||||
sb.AppendLine($""" "type": "{type}",""");
|
||||
sb.AppendLine($""" "resolved": "{version}",""");
|
||||
sb.AppendLine($""" "contentHash": "sha512-test{i}==""");
|
||||
sb.AppendLine($" \"{packageId}\": {{");
|
||||
sb.AppendLine($" \"type\": \"{type}\",");
|
||||
sb.AppendLine($" \"resolved\": \"{version}\",");
|
||||
sb.AppendLine($" \"contentHash\": \"sha512-test{i}==\"");
|
||||
sb.AppendLine($" }}{comma}");
|
||||
}
|
||||
|
||||
@@ -216,18 +216,18 @@ internal static class DotNetFixtureBuilder
|
||||
var sb = new StringBuilder();
|
||||
sb.AppendLine("{");
|
||||
sb.AppendLine(""" "sdk": {""");
|
||||
sb.Append($""" "version": "{sdkVersion}"""");
|
||||
sb.Append($" \"version\": \"{sdkVersion}\"");
|
||||
|
||||
if (!string.IsNullOrEmpty(rollForward))
|
||||
{
|
||||
sb.AppendLine(",");
|
||||
sb.Append($""" "rollForward": "{rollForward}"""");
|
||||
sb.Append($" \"rollForward\": \"{rollForward}\"");
|
||||
}
|
||||
|
||||
if (allowPrerelease.HasValue)
|
||||
{
|
||||
sb.AppendLine(",");
|
||||
sb.Append($""" "allowPrerelease": {allowPrerelease.Value.ToString().ToLowerInvariant()}""");
|
||||
sb.Append($" \"allowPrerelease\": {allowPrerelease.Value.ToString().ToLowerInvariant()}");
|
||||
}
|
||||
|
||||
sb.AppendLine();
|
||||
@@ -319,22 +319,25 @@ internal static class DotNetFixtureBuilder
|
||||
var bundleSignature = ".net core bundle"u8.ToArray();
|
||||
|
||||
// Create a file with MZ header and bundle markers
|
||||
// Must be > 100KB (detector minimum) and put signature in last 64KB
|
||||
var content = new byte[1024 * 200]; // 200KB
|
||||
content[0] = 0x4D; // 'M'
|
||||
content[1] = 0x5A; // 'Z'
|
||||
|
||||
// Add bundle signature
|
||||
Array.Copy(bundleSignature, 0, content, 500, bundleSignature.Length);
|
||||
// Add bundle signature in the LAST 64KB (detector searches there)
|
||||
// Position it near the end of the file
|
||||
var signaturePosition = content.Length - (32 * 1024); // 32KB from end
|
||||
Array.Copy(bundleSignature, 0, content, signaturePosition, bundleSignature.Length);
|
||||
|
||||
// Add some System. namespace patterns
|
||||
// Add some System. namespace patterns in the last 64KB
|
||||
var systemPattern = "System.Runtime"u8.ToArray();
|
||||
Array.Copy(systemPattern, 0, content, 1000, systemPattern.Length);
|
||||
Array.Copy(systemPattern, 0, content, signaturePosition + 100, systemPattern.Length);
|
||||
|
||||
// Add .dll patterns
|
||||
// Add .dll patterns in the last 64KB for embedded pattern detection
|
||||
var dllPattern = ".dll"u8.ToArray();
|
||||
for (var i = 0; i < 15; i++)
|
||||
{
|
||||
Array.Copy(dllPattern, 0, content, 2000 + i * 100, dllPattern.Length);
|
||||
Array.Copy(dllPattern, 0, content, signaturePosition + 200 + i * 100, dllPattern.Length);
|
||||
}
|
||||
|
||||
var filePath = Path.Combine(directory, bundleName);
|
||||
|
||||
Reference in New Issue
Block a user