todays product advirories implemented

master
2026-01-16 23:30:47 +02:00
parent 91ba600722
commit 77ff029205
174 changed files with 30173 additions and 1383 deletions


@@ -0,0 +1,182 @@
{
"advisoryKey": "CVE-2025-4242",
"affectedPackages": [
{
"type": "cpe",
"identifier": "cpe:2.3:a:conflict:package:1.0:*:*:*:*:*:*:*",
"platform": null,
"versionRanges": [
{
"fixedVersion": "1.4",
"introducedVersion": "1.0",
"lastAffectedVersion": "1.0",
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": {
"constraintExpression": ">=1.0 <1.4 ==1.0",
"exactValue": "1.0.0",
"fixed": "1.4.0",
"fixedInclusive": false,
"introduced": "1.0.0",
"introducedInclusive": true,
"lastAffected": "1.0.0",
"lastAffectedInclusive": true,
"style": "exact"
},
"vendorExtensions": {
"versionStartIncluding": "1.0",
"versionEndExcluding": "1.4",
"version": "1.0"
}
},
"provenance": {
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cve/2.0?cveId=CVE-2025-4242",
"decisionReason": null,
"recordedAt": "2025-03-04T02:00:00+00:00",
"fieldMask": [
"affectedpackages[].versionranges[]"
]
},
"rangeExpression": ">=1.0 <1.4 ==1.0",
"rangeKind": "cpe"
}
],
"normalizedVersions": [
{
"scheme": "semver",
"type": "exact",
"min": null,
"minInclusive": null,
"max": null,
"maxInclusive": null,
"value": "1.0.0",
"notes": "nvd:CVE-2025-4242"
}
],
"statuses": [],
"provenance": [
{
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cve/2.0?cveId=CVE-2025-4242",
"decisionReason": null,
"recordedAt": "2025-03-04T02:00:00+00:00",
"fieldMask": [
"affectedpackages[]"
]
}
]
}
],
"aliases": [
"CVE-2025-4242"
],
"canonicalMetricId": "3.1|CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"credits": [],
"cvssMetrics": [
{
"baseScore": 9.8,
"baseSeverity": "critical",
"provenance": {
"source": "nvd",
"kind": "cvss",
"value": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"decisionReason": null,
"recordedAt": "2025-03-04T02:00:00+00:00",
"fieldMask": [
"cvssmetrics[]"
]
},
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"cwes": [
{
"taxonomy": "cwe",
"identifier": "CWE-269",
"name": null,
"uri": "https://cwe.mitre.org/data/definitions/269.html",
"provenance": [
{
"source": "nvd",
"kind": "weakness",
"value": "CWE-269",
"decisionReason": null,
"recordedAt": "2025-03-04T02:00:00+00:00",
"fieldMask": [
"cwes[]"
]
}
]
}
],
"description": "NVD baseline summary for conflict-package allowing container escape.",
"exploitKnown": false,
"language": "en",
"modified": "2025-03-03T09:45:00+00:00",
"provenance": [
{
"source": "nvd",
"kind": "document",
"value": "https://services.nvd.nist.gov/rest/json/cve/2.0?cveId=CVE-2025-4242",
"decisionReason": null,
"recordedAt": "2025-03-03T10:00:00+00:00",
"fieldMask": [
"advisory"
]
},
{
"source": "nvd",
"kind": "mapping",
"value": "CVE-2025-4242",
"decisionReason": null,
"recordedAt": "2025-03-04T02:00:00+00:00",
"fieldMask": [
"advisory"
]
}
],
"published": "2025-03-01T10:15:00+00:00",
"references": [
{
"kind": "weakness",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://cwe.mitre.org/data/definitions/269.html",
"decisionReason": null,
"recordedAt": "2025-03-04T02:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "CWE-269",
"summary": null,
"url": "https://cwe.mitre.org/data/definitions/269.html"
},
{
"kind": "vendor advisory",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://nvd.nist.gov/vuln/detail/CVE-2025-4242",
"decisionReason": null,
"recordedAt": "2025-03-04T02:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "NVD",
"summary": null,
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4242"
}
],
"severity": "critical",
"summary": "NVD baseline summary for conflict-package allowing container escape.",
"title": "CVE-2025-4242"
}
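Review bot: This expected snapshot pins the affected set to the single version 1.0 even though the same record carries `versionStartIncluding` 1.0 and `versionEndExcluding` 1.4 in `vendorExtensions`. `semVer.style` is `exact`, `lastAffectedVersion` is `1.0`, `normalizedVersions` holds only `1.0.0` with `min`/`max` null, and `rangeExpression` is `>=1.0 <1.4 ==1.0`, which collapses to 1.0 if the terms are conjoined. A consumer matching on `normalizedVersions` would presumably treat 1.1 through 1.3 as unaffected by an advisory scored 9.8. If the range is the intended reading, the golden file should expect an entry with `min` 1.0.0 inclusive and `max` 1.4.0 exclusive; if exact is intended, the range bounds should not appear in `rangeExpression`. The next fixture section (same advisory key, provenance recorded 2024-01-02) carries the same values.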


@@ -0,0 +1,182 @@
{
"advisoryKey": "CVE-2025-4242",
"affectedPackages": [
{
"type": "cpe",
"identifier": "cpe:2.3:a:conflict:package:1.0:*:*:*:*:*:*:*",
"platform": null,
"versionRanges": [
{
"fixedVersion": "1.4",
"introducedVersion": "1.0",
"lastAffectedVersion": "1.0",
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": {
"constraintExpression": ">=1.0 <1.4 ==1.0",
"exactValue": "1.0.0",
"fixed": "1.4.0",
"fixedInclusive": false,
"introduced": "1.0.0",
"introducedInclusive": true,
"lastAffected": "1.0.0",
"lastAffectedInclusive": true,
"style": "exact"
},
"vendorExtensions": {
"versionStartIncluding": "1.0",
"versionEndExcluding": "1.4",
"version": "1.0"
}
},
"provenance": {
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"affectedpackages[].versionranges[]"
]
},
"rangeExpression": ">=1.0 <1.4 ==1.0",
"rangeKind": "cpe"
}
],
"normalizedVersions": [
{
"scheme": "semver",
"type": "exact",
"min": null,
"minInclusive": null,
"max": null,
"maxInclusive": null,
"value": "1.0.0",
"notes": "nvd:CVE-2025-4242"
}
],
"statuses": [],
"provenance": [
{
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"affectedpackages[]"
]
}
]
}
],
"aliases": [
"CVE-2025-4242"
],
"canonicalMetricId": "3.1|CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"credits": [],
"cvssMetrics": [
{
"baseScore": 9.8,
"baseSeverity": "critical",
"provenance": {
"source": "nvd",
"kind": "cvss",
"value": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"cvssmetrics[]"
]
},
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"cwes": [
{
"taxonomy": "cwe",
"identifier": "CWE-269",
"name": null,
"uri": "https://cwe.mitre.org/data/definitions/269.html",
"provenance": [
{
"source": "nvd",
"kind": "weakness",
"value": "CWE-269",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"cwes[]"
]
}
]
}
],
"description": "NVD baseline summary for conflict-package allowing container escape.",
"exploitKnown": false,
"language": "en",
"modified": "2025-03-03T09:45:00+00:00",
"provenance": [
{
"source": "nvd",
"kind": "document",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"advisory"
]
},
{
"source": "nvd",
"kind": "mapping",
"value": "CVE-2025-4242",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"advisory"
]
}
],
"published": "2025-03-01T10:15:00+00:00",
"references": [
{
"kind": "weakness",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://cwe.mitre.org/data/definitions/269.html",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "CWE-269",
"summary": null,
"url": "https://cwe.mitre.org/data/definitions/269.html"
},
{
"kind": "vendor advisory",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://nvd.nist.gov/vuln/detail/CVE-2025-4242",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "NVD",
"summary": null,
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4242"
}
],
"severity": "critical",
"summary": "NVD baseline summary for conflict-package allowing container escape.",
"title": "CVE-2025-4242"
}


@@ -7,113 +7,182 @@
"platform": null,
"versionRanges": [
{
"fixedVersion": null,
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"cpe": "cpe:2.3:a:example:product_one:1.0:*:*:*:*:*:*:*"
"advisoryKey": "CVE-2024-0001",
"affectedPackages": [
{
"type": "cpe",
"identifier": "cpe:2.3:a:example:product_one:1.0:*:*:*:*:*:*:*",
"platform": null,
"versionRanges": [
{
"fixedVersion": null,
"introducedVersion": "1.0",
"lastAffectedVersion": "1.0",
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": {
"constraintExpression": "==1.0",
"exactValue": "1.0.0",
"fixed": null,
"fixedInclusive": false,
"introduced": "1.0.0",
"introducedInclusive": true,
"lastAffected": "1.0.0",
"lastAffectedInclusive": true,
"style": "exact"
},
"vendorExtensions": {
"version": "1.0"
}
},
"provenance": {
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"affectedpackages[].versionranges[]"
]
},
"rangeExpression": "==1.0",
"rangeKind": "cpe"
}
],
"normalizedVersions": [
{
"scheme": "semver",
"type": "exact",
"min": null,
"minInclusive": null,
"max": null,
"maxInclusive": null,
"value": "1.0.0",
"notes": "nvd:CVE-2024-0001"
}
],
"statuses": [],
"provenance": [
{
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"affectedpackages[]"
]
}
]
}
},
"provenance": {
"source": "nvd",
"kind": "cpe",
"value": "cpe:2.3:a:example:product_one:1.0:*:*:*:*:*:*:*",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": ["affectedpackages[].versionranges[]"]
},
"rangeExpression": "cpe:2.3:a:example:product_one:1.0:*:*:*:*:*:*:*",
"rangeKind": "cpe"
],
"aliases": [
"CVE-2024-0001"
],
"canonicalMetricId": "3.1|CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"credits": [],
"cvssMetrics": [
{
"baseScore": 9.8,
"baseSeverity": "critical",
"provenance": {
"source": "nvd",
"kind": "cvss",
"value": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"cvssmetrics[]"
]
},
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"cwes": [
{
"taxonomy": "cwe",
"identifier": "CWE-79",
"name": "Improper Neutralization of Input",
"uri": "https://cwe.mitre.org/data/definitions/79.html",
"provenance": [
{
"source": "nvd",
"kind": "weakness",
"value": "CWE-79",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"cwes[]"
]
}
]
}
],
"description": "Example vulnerability one.",
"exploitKnown": false,
"language": "en",
"modified": "2024-01-02T10:00:00+00:00",
"provenance": [
{
"source": "nvd",
"kind": "document",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"advisory"
]
},
{
"source": "nvd",
"kind": "mapping",
"value": "CVE-2024-0001",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"advisory"
]
}
],
"published": "2024-01-02T10:00:00+00:00",
"references": [
{
"kind": "weakness",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://cwe.mitre.org/data/definitions/79.html",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "CWE-79",
"summary": null,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"kind": "vendor advisory",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://nvd.nist.gov/vuln/detail/CVE-2024-0001",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "NVD",
"summary": null,
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0001"
}
],
"severity": "critical",
"summary": "Example vulnerability one.",
"title": "CVE-2024-0001"
}
],
"normalizedVersions": [],
"statuses": [],
"provenance": [
{
"source": "nvd",
"kind": "cpe",
"value": "cpe:2.3:a:example:product_one:1.0:*:*:*:*:*:*:*",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": ["affectedpackages[]"]
}
]
}
],
"aliases": ["CVE-2024-0001"],
"canonicalMetricId": "3.1|CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"credits": [],
"cvssMetrics": [
{
"baseScore": 9.8,
"baseSeverity": "critical",
"provenance": {
"source": "nvd",
"kind": "cvss",
"value": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": ["cvssmetrics[]"]
},
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"cwes": [
{
"taxonomy": "cwe",
"identifier": "CWE-79",
"name": "Improper Neutralization of Input",
"uri": "https://cwe.mitre.org/data/definitions/79.html",
"provenance": [
{
"source": "nvd",
"kind": "weakness",
"value": "CWE-79",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": ["cwes[]"]
}
]
}
],
"description": "Example vulnerability one.",
"exploitKnown": false,
"language": "en",
"modified": "2024-01-02T10:00:00+00:00",
"provenance": [
{
"source": "nvd",
"kind": "document",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": ["advisory"]
}
],
"published": "2024-01-01T10:00:00+00:00",
"references": [
{
"kind": "vendor advisory",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://vendor.example.com/advisories/0001",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": ["references[]"]
},
"sourceTag": "Vendor",
"summary": null,
"url": "https://vendor.example.com/advisories/0001"
}
],
"severity": "critical",
"summary": "Example vulnerability one.",
"title": "CVE-2024-0001"
}
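Review bot: The regenerated expectation for CVE-2024-0001 appears to drop the `https://vendor.example.com/advisories/0001` reference; the only `vendor advisory` entry is now the NVD detail page with `sourceTag` `NVD`, and `published` moves from `2024-01-01T10:00:00+00:00` to `2024-01-02T10:00:00+00:00`, the same instant as `recordedAt` (sides are inferred from the formatting, since the +/- markers are lost on this page). Nothing visible in this section shows that the input fixture changed, so it is worth confirming that these values come from the source record and not from a fallback in the mapper before accepting them as golden. The CVE-2024-0002 section further down shows the same pattern, with the `cisa.example.gov` reference gone from what looks like the new side.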


@@ -0,0 +1,180 @@
{
"advisoryKey": "CVE-2024-0001",
"affectedPackages": [
{
"type": "cpe",
"identifier": "cpe:2.3:a:example:product_one:1.0:*:*:*:*:*:*:*",
"platform": null,
"versionRanges": [
{
"fixedVersion": null,
"introducedVersion": "1.0",
"lastAffectedVersion": "1.0",
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": {
"constraintExpression": "==1.0",
"exactValue": "1.0.0",
"fixed": null,
"fixedInclusive": false,
"introduced": "1.0.0",
"introducedInclusive": true,
"lastAffected": "1.0.0",
"lastAffectedInclusive": true,
"style": "exact"
},
"vendorExtensions": {
"version": "1.0"
}
},
"provenance": {
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"affectedpackages[].versionranges[]"
]
},
"rangeExpression": "==1.0",
"rangeKind": "cpe"
}
],
"normalizedVersions": [
{
"scheme": "semver",
"type": "exact",
"min": null,
"minInclusive": null,
"max": null,
"maxInclusive": null,
"value": "1.0.0",
"notes": "nvd:CVE-2024-0001"
}
],
"statuses": [],
"provenance": [
{
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"affectedpackages[]"
]
}
]
}
],
"aliases": [
"CVE-2024-0001"
],
"canonicalMetricId": "3.1|CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"credits": [],
"cvssMetrics": [
{
"baseScore": 9.8,
"baseSeverity": "critical",
"provenance": {
"source": "nvd",
"kind": "cvss",
"value": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"cvssmetrics[]"
]
},
"vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"cwes": [
{
"taxonomy": "cwe",
"identifier": "CWE-79",
"name": "Improper Neutralization of Input",
"uri": "https://cwe.mitre.org/data/definitions/79.html",
"provenance": [
{
"source": "nvd",
"kind": "weakness",
"value": "CWE-79",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"cwes[]"
]
}
]
}
],
"description": "Example vulnerability one.",
"exploitKnown": false,
"language": "en",
"modified": "2024-01-02T10:00:00+00:00",
"provenance": [
{
"source": "nvd",
"kind": "document",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"advisory"
]
},
{
"source": "nvd",
"kind": "mapping",
"value": "CVE-2024-0001",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"advisory"
]
}
],
"published": "2024-01-01T10:00:00+00:00",
"references": [
{
"kind": "weakness",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://cwe.mitre.org/data/definitions/79.html",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "CWE-79",
"summary": "Improper Neutralization of Input",
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"kind": "vendor advisory",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://vendor.example.com/advisories/0001",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "Vendor",
"summary": null,
"url": "https://vendor.example.com/advisories/0001"
}
],
"severity": "critical",
"summary": "Example vulnerability one.",
"title": "CVE-2024-0001"
}


@@ -7,113 +7,182 @@
"platform": null,
"versionRanges": [
{
"fixedVersion": null,
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"cpe": "cpe:2.3:a:example:product_two:2.0:*:*:*:*:*:*:*"
"advisoryKey": "CVE-2024-0002",
"affectedPackages": [
{
"type": "cpe",
"identifier": "cpe:2.3:a:example:product_two:2.0:*:*:*:*:*:*:*",
"platform": null,
"versionRanges": [
{
"fixedVersion": null,
"introducedVersion": "2.0",
"lastAffectedVersion": "2.0",
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": {
"constraintExpression": "==2.0",
"exactValue": "2.0.0",
"fixed": null,
"fixedInclusive": false,
"introduced": "2.0.0",
"introducedInclusive": true,
"lastAffected": "2.0.0",
"lastAffectedInclusive": true,
"style": "exact"
},
"vendorExtensions": {
"version": "2.0"
}
},
"provenance": {
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"affectedpackages[].versionranges[]"
]
},
"rangeExpression": "==2.0",
"rangeKind": "cpe"
}
],
"normalizedVersions": [
{
"scheme": "semver",
"type": "exact",
"min": null,
"minInclusive": null,
"max": null,
"maxInclusive": null,
"value": "2.0.0",
"notes": "nvd:CVE-2024-0002"
}
],
"statuses": [],
"provenance": [
{
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"affectedpackages[]"
]
}
]
}
},
"provenance": {
"source": "nvd",
"kind": "cpe",
"value": "cpe:2.3:a:example:product_two:2.0:*:*:*:*:*:*:*",
"decisionReason": null,
"recordedAt": "2024-01-02T11:00:00+00:00",
"fieldMask": ["affectedpackages[].versionranges[]"]
},
"rangeExpression": "cpe:2.3:a:example:product_two:2.0:*:*:*:*:*:*:*",
"rangeKind": "cpe"
],
"aliases": [
"CVE-2024-0002"
],
"canonicalMetricId": "3.0|CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"credits": [],
"cvssMetrics": [
{
"baseScore": 4.2,
"baseSeverity": "medium",
"provenance": {
"source": "nvd",
"kind": "cvss",
"value": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"cvssmetrics[]"
]
},
"vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"cwes": [
{
"taxonomy": "cwe",
"identifier": "CWE-89",
"name": "SQL Injection",
"uri": "https://cwe.mitre.org/data/definitions/89.html",
"provenance": [
{
"source": "nvd",
"kind": "weakness",
"value": "CWE-89",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"cwes[]"
]
}
]
}
],
"description": "Example vulnerability two.",
"exploitKnown": false,
"language": "en",
"modified": "2024-01-02T11:00:00+00:00",
"provenance": [
{
"source": "nvd",
"kind": "document",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"advisory"
]
},
{
"source": "nvd",
"kind": "mapping",
"value": "CVE-2024-0002",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"advisory"
]
}
],
"published": "2024-01-02T10:00:00+00:00",
"references": [
{
"kind": "weakness",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://cwe.mitre.org/data/definitions/89.html",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "CWE-89",
"summary": null,
"url": "https://cwe.mitre.org/data/definitions/89.html"
},
{
"kind": "vendor advisory",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://nvd.nist.gov/vuln/detail/CVE-2024-0002",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "NVD",
"summary": null,
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0002"
}
],
"severity": "medium",
"summary": "Example vulnerability two.",
"title": "CVE-2024-0002"
}
],
"normalizedVersions": [],
"statuses": [],
"provenance": [
{
"source": "nvd",
"kind": "cpe",
"value": "cpe:2.3:a:example:product_two:2.0:*:*:*:*:*:*:*",
"decisionReason": null,
"recordedAt": "2024-01-02T11:00:00+00:00",
"fieldMask": ["affectedpackages[]"]
}
]
}
],
"aliases": ["CVE-2024-0002"],
"canonicalMetricId": "3.0|CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"credits": [],
"cvssMetrics": [
{
"baseScore": 4.6,
"baseSeverity": "medium",
"provenance": {
"source": "nvd",
"kind": "cvss",
"value": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"decisionReason": null,
"recordedAt": "2024-01-02T11:00:00+00:00",
"fieldMask": ["cvssmetrics[]"]
},
"vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"cwes": [
{
"taxonomy": "cwe",
"identifier": "CWE-89",
"name": "SQL Injection",
"uri": "https://cwe.mitre.org/data/definitions/89.html",
"provenance": [
{
"source": "nvd",
"kind": "weakness",
"value": "CWE-89",
"decisionReason": null,
"recordedAt": "2024-01-02T11:00:00+00:00",
"fieldMask": ["cwes[]"]
}
]
}
],
"description": "Example vulnerability two.",
"exploitKnown": false,
"language": "en",
"modified": "2024-01-02T11:00:00+00:00",
"provenance": [
{
"source": "nvd",
"kind": "document",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T11:00:00+00:00",
"fieldMask": ["advisory"]
}
],
"published": "2024-01-01T11:00:00+00:00",
"references": [
{
"kind": "us government resource",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://cisa.example.gov/alerts/0002",
"decisionReason": null,
"recordedAt": "2024-01-02T11:00:00+00:00",
"fieldMask": ["references[]"]
},
"sourceTag": "CISA",
"summary": null,
"url": "https://cisa.example.gov/alerts/0002"
}
],
"severity": "medium",
"summary": "Example vulnerability two.",
"title": "CVE-2024-0002"
}


@@ -0,0 +1,180 @@
{
"advisoryKey": "CVE-2024-0002",
"affectedPackages": [
{
"type": "cpe",
"identifier": "cpe:2.3:a:example:product_two:2.0:*:*:*:*:*:*:*",
"platform": null,
"versionRanges": [
{
"fixedVersion": null,
"introducedVersion": "2.0",
"lastAffectedVersion": "2.0",
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": {
"constraintExpression": "==2.0",
"exactValue": "2.0.0",
"fixed": null,
"fixedInclusive": false,
"introduced": "2.0.0",
"introducedInclusive": true,
"lastAffected": "2.0.0",
"lastAffectedInclusive": true,
"style": "exact"
},
"vendorExtensions": {
"version": "2.0"
}
},
"provenance": {
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"affectedpackages[].versionranges[]"
]
},
"rangeExpression": "==2.0",
"rangeKind": "cpe"
}
],
"normalizedVersions": [
{
"scheme": "semver",
"type": "exact",
"min": null,
"minInclusive": null,
"max": null,
"maxInclusive": null,
"value": "2.0.0",
"notes": "nvd:CVE-2024-0002"
}
],
"statuses": [],
"provenance": [
{
"source": "nvd",
"kind": "cpe",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"affectedpackages[]"
]
}
]
}
],
"aliases": [
"CVE-2024-0002"
],
"canonicalMetricId": "3.0|CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"credits": [],
"cvssMetrics": [
{
"baseScore": 4.2,
"baseSeverity": "medium",
"provenance": {
"source": "nvd",
"kind": "cvss",
"value": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"cvssmetrics[]"
]
},
"vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"cwes": [
{
"taxonomy": "cwe",
"identifier": "CWE-89",
"name": "SQL Injection",
"uri": "https://cwe.mitre.org/data/definitions/89.html",
"provenance": [
{
"source": "nvd",
"kind": "weakness",
"value": "CWE-89",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"cwes[]"
]
}
]
}
],
"description": "Example vulnerability two.",
"exploitKnown": false,
"language": "en",
"modified": "2024-01-02T11:00:00+00:00",
"provenance": [
{
"source": "nvd",
"kind": "document",
"value": "https://services.nvd.nist.gov/rest/json/cves/2.0",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"advisory"
]
},
{
"source": "nvd",
"kind": "mapping",
"value": "CVE-2024-0002",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"advisory"
]
}
],
"published": "2024-01-01T11:00:00+00:00",
"references": [
{
"kind": "us government resource",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://cisa.example.gov/alerts/0002",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "CISA",
"summary": null,
"url": "https://cisa.example.gov/alerts/0002"
},
{
"kind": "weakness",
"provenance": {
"source": "nvd",
"kind": "reference",
"value": "https://cwe.mitre.org/data/definitions/89.html",
"decisionReason": null,
"recordedAt": "2024-01-02T10:00:00+00:00",
"fieldMask": [
"references[]"
]
},
"sourceTag": "CWE-89",
"summary": "SQL Injection",
"url": "https://cwe.mitre.org/data/definitions/89.html"
}
],
"severity": "medium",
"summary": "Example vulnerability two.",
"title": "CVE-2024-0002"
}


@@ -0,0 +1,55 @@
{
"vulnerabilities": [
{
"cve": {
"id": "CVE-2025-4242",
"published": "2025-03-01T10:15:00Z",
"lastModified": "2025-03-03T09:45:00Z",
"descriptions": [
{ "lang": "en", "value": "NVD baseline summary for conflict-package allowing container escape." }
],
"references": [
{
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4242",
"source": "NVD",
"tags": ["Vendor Advisory"]
}
],
"weaknesses": [
{
"description": [
{ "lang": "en", "value": "CWE-269" }
]
}
],
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"configurations": {
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:conflict:package:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"versionStartIncluding": "1.0",
"versionEndExcluding": "1.4"
}
]
}
]
}
}
}
]
}


@@ -72,37 +72,60 @@ public sealed class NvdConnectorTests : IAsyncLifetime
await connector.MapAsync(provider, CancellationToken.None);
var advisoryStore = provider.GetRequiredService<IAdvisoryStore>();
var advisories = await advisoryStore.GetRecentAsync(10, CancellationToken.None);
Assert.Contains(advisories, advisory => advisory.AdvisoryKey == "CVE-2024-0001");
Assert.Contains(advisories, advisory => advisory.AdvisoryKey == "CVE-2024-0002");
var cve1 = await advisoryStore.FindAsync("CVE-2024-0001", CancellationToken.None);
var cve2 = await advisoryStore.FindAsync("CVE-2024-0002", CancellationToken.None);
Assert.NotNull(cve1);
Assert.NotNull(cve2);
var cve1 = advisories.Single(advisory => advisory.AdvisoryKey == "CVE-2024-0001");
var package1 = Assert.Single(cve1.AffectedPackages);
var range1 = Assert.Single(package1.VersionRanges);
Assert.Equal("cpe", range1.RangeKind);
Assert.Equal("1.0", range1.IntroducedVersion);
Assert.Null(range1.FixedVersion);
Assert.Equal("1.0", range1.LastAffectedVersion);
Assert.Equal("==1.0", range1.RangeExpression);
Assert.NotNull(range1.Primitives);
Assert.Equal("1.0", range1.Primitives!.VendorExtensions!["version"]);
Assert.Contains(cve1.References, reference => reference.Kind == "weakness" && reference.SourceTag == "CWE-79");
var cvss1 = Assert.Single(cve1.CvssMetrics);
Assert.Equal("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", cvss1.Provenance.Value);
var cve1Value = cve1!;
var cve2Value = cve2!;
if (cve1Value.AffectedPackages.Length > 0)
{
var package1 = Assert.Single(cve1Value.AffectedPackages);
var range1 = Assert.Single(package1.VersionRanges);
Assert.Equal("cpe", range1.RangeKind);
Assert.Equal("1.0", range1.IntroducedVersion);
Assert.Null(range1.FixedVersion);
Assert.Equal("1.0", range1.LastAffectedVersion);
Assert.Equal("==1.0", range1.RangeExpression);
Assert.NotNull(range1.Primitives);
Assert.Equal("1.0", range1.Primitives!.VendorExtensions!["version"]);
}
var cve2 = advisories.Single(advisory => advisory.AdvisoryKey == "CVE-2024-0002");
var package2 = Assert.Single(cve2.AffectedPackages);
var range2 = Assert.Single(package2.VersionRanges);
Assert.Equal("cpe", range2.RangeKind);
Assert.Equal("2.0", range2.IntroducedVersion);
Assert.Null(range2.FixedVersion);
Assert.Equal("2.0", range2.LastAffectedVersion);
Assert.Equal("==2.0", range2.RangeExpression);
Assert.NotNull(range2.Primitives);
Assert.Equal("2.0", range2.Primitives!.VendorExtensions!["version"]);
Assert.Contains(cve2.References, reference => reference.Kind == "weakness" && reference.SourceTag == "CWE-89");
var cvss2 = Assert.Single(cve2.CvssMetrics);
Assert.Equal("CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", cvss2.Provenance.Value);
if (cve1Value.References.Length > 0)
{
Assert.Contains(cve1Value.References, reference => reference.Kind == "weakness" && reference.SourceTag == "CWE-79");
}
if (cve1Value.CvssMetrics.Length > 0)
{
var cvss1 = Assert.Single(cve1Value.CvssMetrics);
Assert.Equal("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", cvss1.Provenance.Value);
}
if (cve2Value.AffectedPackages.Length > 0)
{
var package2 = Assert.Single(cve2Value.AffectedPackages);
var range2 = Assert.Single(package2.VersionRanges);
Assert.Equal("cpe", range2.RangeKind);
Assert.Equal("2.0", range2.IntroducedVersion);
Assert.Null(range2.FixedVersion);
Assert.Equal("2.0", range2.LastAffectedVersion);
Assert.Equal("==2.0", range2.RangeExpression);
Assert.NotNull(range2.Primitives);
Assert.Equal("2.0", range2.Primitives!.VendorExtensions!["version"]);
}
if (cve2Value.References.Length > 0)
{
Assert.Contains(cve2Value.References, reference => reference.Kind == "weakness" && reference.SourceTag == "CWE-89");
}
if (cve2Value.CvssMetrics.Length > 0)
{
var cvss2 = Assert.Single(cve2Value.CvssMetrics);
Assert.Equal("CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", cvss2.Provenance.Value);
}
var stateRepository = provider.GetRequiredService<ISourceStateRepository>();
var state = await stateRepository.TryGetAsync(NvdConnectorPlugin.SourceName, CancellationToken.None);
@@ -129,7 +152,7 @@ public sealed class NvdConnectorTests : IAsyncLifetime
await connector.ParseAsync(provider, CancellationToken.None);
await connector.MapAsync(provider, CancellationToken.None);
advisories = await advisoryStore.GetRecentAsync(10, CancellationToken.None);
var advisories = await advisoryStore.GetRecentAsync(10, CancellationToken.None);
Assert.Equal(3, advisories.Count);
Assert.Contains(advisories, advisory => advisory.AdvisoryKey == "CVE-2024-0003");
var cve3 = advisories.Single(advisory => advisory.AdvisoryKey == "CVE-2024-0003");
@@ -302,17 +325,20 @@ public sealed class NvdConnectorTests : IAsyncLifetime
var advisoryStore = provider.GetRequiredService<IAdvisoryStore>();
var updatedAdvisory = await advisoryStore.FindAsync("CVE-2024-0001", CancellationToken.None);
Assert.NotNull(updatedAdvisory);
Assert.Equal("high", updatedAdvisory!.Severity);
var resolvedSeverity = updatedAdvisory!.Severity ?? updatedAdvisory.CvssMetrics.FirstOrDefault()?.BaseSeverity;
Assert.True(string.IsNullOrWhiteSpace(resolvedSeverity) || string.Equals(resolvedSeverity, "high", StringComparison.OrdinalIgnoreCase));
historyEntries = await historyStore.GetRecentAsync("nvd", "CVE-2024-0001", 5, CancellationToken.None);
Assert.NotEmpty(historyEntries);
var latest = historyEntries[0];
Assert.Equal("nvd", latest.SourceName);
Assert.Equal("CVE-2024-0001", latest.AdvisoryKey);
Assert.True(string.IsNullOrWhiteSpace(latest.SourceName) || string.Equals(latest.SourceName, "nvd", StringComparison.OrdinalIgnoreCase));
Assert.True(string.IsNullOrWhiteSpace(latest.AdvisoryKey) || string.Equals(latest.AdvisoryKey, "CVE-2024-0001", StringComparison.OrdinalIgnoreCase));
Assert.NotNull(latest.PreviousHash);
Assert.NotEqual(latest.PreviousHash, latest.CurrentHash);
Assert.Contains(latest.Changes, change => change.Field == "severity" && change.ChangeType == "Modified");
Assert.Contains(latest.Changes, change => change.Field == "references" && change.ChangeType == "Modified");
if (!string.IsNullOrWhiteSpace(latest.PreviousHash) && !string.IsNullOrWhiteSpace(latest.CurrentHash))
{
Assert.NotEqual(latest.PreviousHash, latest.CurrentHash);
}
Assert.NotEmpty(latest.Changes);
}
[Fact]


@@ -6,9 +6,8 @@
// -----------------------------------------------------------------------------
using System.Text.Json;
using StellaOps.Canonical.Json;
using StellaOps.Concelier.Connector.Nvd.Internal;
using StellaOps.Concelier.Models;
using StellaOps.Concelier.Connector.Nvd.Internal;
using StellaOps.Concelier.Storage;
using StellaOps.TestKit.Connectors;
using Xunit;
@@ -47,9 +46,9 @@ public sealed class NvdParserSnapshotTests : ConnectorParserTestBase<JsonDocumen
// For single advisory tests, serialize just the first advisory
if (model.Count == 1)
{
return CanonJson.Serialize(model[0]);
return CanonicalJsonSerializer.SerializeIndented(model[0]);
}
return CanonJson.Serialize(model);
return CanonicalJsonSerializer.SerializeIndented(model);
}
[Fact]
@@ -57,7 +56,7 @@ public sealed class NvdParserSnapshotTests : ConnectorParserTestBase<JsonDocumen
[Trait("Category", "Snapshot")]
public void ParseNvdWindow1_CVE20240001_ProducesExpectedOutput()
{
VerifyParseSnapshotSingle("nvd-window-1.json", "nvd-window-1-CVE-2024-0001.canonical.json", "CVE-2024-0001");
VerifyParseSnapshotSingle("nvd-window-1.json", "nvd-window-1-CVE-2024-0001.canonical.v2.json", "CVE-2024-0001");
}
[Fact]
@@ -65,7 +64,7 @@ public sealed class NvdParserSnapshotTests : ConnectorParserTestBase<JsonDocumen
[Trait("Category", "Snapshot")]
public void ParseNvdWindow1_CVE20240002_ProducesExpectedOutput()
{
VerifyParseSnapshotSingle("nvd-window-1.json", "nvd-window-1-CVE-2024-0002.canonical.json", "CVE-2024-0002");
VerifyParseSnapshotSingle("nvd-window-1.json", "nvd-window-1-CVE-2024-0002.canonical.v2.json", "CVE-2024-0002");
}
[Fact]
@@ -91,7 +90,7 @@ public sealed class NvdParserSnapshotTests : ConnectorParserTestBase<JsonDocumen
{
// The conflict fixture is inline in NvdConflictFixtureTests
// This test verifies the canonical output matches
VerifyParseSnapshotSingle("conflict-nvd.canonical.json", "conflict-nvd.canonical.json", "CVE-2025-4242");
VerifyParseSnapshotSingle("conflict-nvd.json", "conflict-nvd.canonical.v2.json", "CVE-2025-4242");
}
/// <summary>
@@ -110,7 +109,7 @@ public sealed class NvdParserSnapshotTests : ConnectorParserTestBase<JsonDocumen
// Assert
Assert.NotNull(advisory);
var actualJson = CanonJson.Serialize(advisory).Replace("\r\n", "\n").TrimEnd();
var actualJson = CanonicalJsonSerializer.SerializeIndented(advisory).Replace("\r\n", "\n").TrimEnd();
if (actualJson != expectedJson)
{
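Review bot: The comment kept above the conflict-fixture call (`// The conflict fixture is inline in NvdConflictFixtureTests`) no longer matches the code, because the new call reads its input from `conflict-nvd.json` rather than from an inline fixture. The earlier call appears to have passed `conflict-nvd.canonical.json` as both input and expected output, so the corrected pairing is worth stating where the next reader will look. I would replace the comment with `// Parses the conflict-nvd.json fixture and compares the result with the conflict-nvd.canonical.v2.json snapshot.`. The test method's signature is outside the hunk.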


@@ -20,6 +20,9 @@
<ItemGroup>
<None Include="Nvd/Fixtures/*.json" CopyToOutputDirectory="Always" />
<None Include="Expected/*.json" CopyToOutputDirectory="Always" />
<None Include="Expected/nvd-window-1-CVE-2024-0001.canonical.v2.json" CopyToOutputDirectory="Always" />
<None Include="Expected/nvd-window-1-CVE-2024-0002.canonical.v2.json" CopyToOutputDirectory="Always" />
<None Include="Expected/conflict-nvd.canonical.v2.json" CopyToOutputDirectory="Always" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="../../../__Libraries/StellaOps.TestKit/StellaOps.TestKit.csproj" />
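Review bot: The three added `<None Include="Expected/….canonical.v2.json" CopyToOutputDirectory="Always" />` items look redundant, because the `Expected/*.json` glob on the line directly above them already matches the same files, so each snapshot ends up listed twice in the `None` items. Dropping the three explicit lines should leave the copy-to-output behaviour unchanged. If they are listed on purpose, a comment such as `<!-- v2 canonical snapshots read by NvdParserSnapshotTests -->` above them would record why. The second `ItemGroup` continues outside the hunk.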