stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity

docs: finalize sbom fixtures with hashes and sizes for vuln parity

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-06 10:44:34 +00:00
parent 6145d89468
commit 8cabdce3b6
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
docs/db/reports/vuln-parity-sbom-sample-20251209.md
View File

@@ -11,13 +11,13 @@ Use this list for PG-T5b.35b.4 parity runs (Mongo vs Postgres). Keep counts d
## SBOM sample set ## SBOM sample set
| # | SBOM path | Ecosystem | Size | Hash (SHA256) | Notes | | # | SBOM path | Ecosystem | Size | Hash (SHA256) | Notes |
|---|-----------|-----------|------|---------------|-------| |---|-----------|-----------|------|---------------|-------|
| 1 | docs/db/reports/assets/vuln-parity-20251211/sbom.json | npm | ~95 KB | 40479e2d3ce4d10330818ef59d2fd81f16ee63a30a877e6658cb3574e6aee4ac | Deterministic compose sample used in sbom-vex proof (copied locally). | | 1 | docs/db/reports/assets/vuln-parity-20251211/sbom.json | npm | 167 bytes | 40479e2d3ce4d10330818ef59d2fd81f16ee63a30a877e6658cb3574e6aee4ac | Deterministic compose sample used in sbom-vex proof (copied locally). |
| 2 | docs/db/reports/assets/vuln-parity-20251211/sample-sbom.json | npm | small | 93fecaca305277738d114ce67df9578f9373560704bfe3b5383706c917cee941 | Tiny npm sample for quick parity sanity. | | 2 | docs/db/reports/assets/vuln-parity-20251211/sample-sbom.json | npm | 351 bytes | 93fecaca305277738d114ce67df9578f9373560704bfe3b5383706c917cee941 | Tiny npm sample for quick parity sanity. |
| 3 | docs/db/reports/assets/vuln-parity-20251211/sbom-snapshot.json | mixed | <fill size> | 55f737b45aae67fcab1092c8df3f380566f0810a87c09a56b67fb096626f817e | Graph indexer SBOM snapshot used in tests. | | 3 | docs/db/reports/assets/vuln-parity-20251211/sbom-snapshot.json | mixed | 3,263 bytes | 55f737b45aae67fcab1092c8df3f380566f0810a87c09a56b67fb096626f817e | Graph indexer SBOM snapshot used in tests. |
| 4 | docs/db/reports/assets/vuln-parity-20251211/sbom-go-sample.json | go | <fill size> | e159cf28523bff0ab768dc7c80fbe5a05faacf1a9f6061e14ae370f6c82b9479 | Go sample (gin). | | 4 | docs/db/reports/assets/vuln-parity-20251211/sbom-go-sample.json | go | 254 bytes | e159cf28523bff0ab768dc7c80fbe5a05faacf1a9f6061e14ae370f6c82b9479 | Go sample (gin). |
| 5 | docs/db/reports/assets/vuln-parity-20251211/sbom-pypi-sample.json | pypi | <fill size> | 8b14cc30091559b008c9492658db832b8017a8362f54d3b893091a93269e65ba | PyPI sample (requests). | | 5 | docs/db/reports/assets/vuln-parity-20251211/sbom-pypi-sample.json | pypi | 225 bytes | 8b14cc30091559b008c9492658db832b8017a8362f54d3b893091a93269e65ba | PyPI sample (requests). |
| 6 | docs/db/reports/assets/vuln-parity-20251211/sbom-maven-sample.json | maven | <fill size> | 37dc9a4824126ba6647c0d7a3fca42539a965cf9b3df601385e65360bce33ebf | Maven sample (log4j-core). | | 6 | docs/db/reports/assets/vuln-parity-20251211/sbom-maven-sample.json | maven | 280 bytes | 37dc9a4824126ba6647c0d7a3fca42539a965cf9b3df601385e65360bce33ebf | Maven sample (log4j-core). |
| 7 | docs/db/reports/assets/vuln-parity-20251211/sbom-os-sample.json | rpm/deb | <fill size> | 04e57f6b6f36533483d0398c8f7891a638b9a1c8903b20d7cb5217ad31bdd0a0 | OS package sample (openssl deb). | | 7 | docs/db/reports/assets/vuln-parity-20251211/sbom-os-sample.json | rpm/deb | 249 bytes | 04e57f6b6f36533483d0398c8f7891a638b9a1c8903b20d7cb5217ad31bdd0a0 | OS package sample (openssl deb). |
## Determinism guardrails ## Determinism guardrails
- Do not change sample set after hashes recorded. - Do not change sample set after hashes recorded.