stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Add determinism tests for verdict artifact generation and update SHA256 sums script

Browse Source 
- Implemented comprehensive tests for verdict artifact generation to ensure deterministic outputs across various scenarios, including identical inputs, parallel execution, and change ordering.
- Created helper methods for generating sample verdict inputs and computing canonical hashes.
- Added tests to validate the stability of canonical hashes, proof spine ordering, and summary statistics.
- Introduced a new PowerShell script to update SHA256 sums for files, ensuring accurate hash generation and file integrity checks.
This commit is contained in:
StellaOps Bot
2025-12-24 02:17:34 +02:00
parent e59921374e
commit 7503c19b8f
390 changed files with 37389 additions and 5380 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
docs/advisories/explorer-integration.md
View File

@@ -1,24 +0,0 @@
# Advisories Integration with Vuln Explorer (Md.XI draft)
> Status: DRAFT — waiting on export bundle spec + provenance notes; keep TODO.
## Scope
- Describe advisory normalization, withdrawn handling, provenance, and export bundle linkage for Vuln Explorer.
- Deterministic examples with hashes in `docs/assets/vuln-explorer/SHA256SUMS`.
## Dependencies
- Export bundle spec/provenance notes (in progress).
- GRAP0101 identifiers.
## Outline
- Advisory ingestion flow and key normalization.
- Withdrawn/updated advisory handling.
- Provenance: DSSE/Rekor optional; bundle manifests.
- Cross-links to findings ledger and VEX decisions.
### Hash Capture Checklist (when spec arrives)
- `assets/vuln-explorer/advisory-normalized.json`
- `assets/vuln-explorer/advisory-withdrawn.json`
- `assets/vuln-explorer/advisory-bundle-manifest.json`
_Last updated: 2025-12-05 (UTC)_