stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

audit notes work completed, test fixes work (95% done), new sprints, new data sources setup and configuration

Browse Source
This commit is contained in:
master
2026-01-14 10:48:00 +02:00
parent d7be6ba34b
commit 95d5898650
379 changed files with 40695 additions and 19041 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229_049_BE_csproj_audit_maint_tests.md
View File

@@ -475,7 +475,7 @@ Bulk task definitions (applies to every project row below):
| 450 | AUDIT-0150-A | TODO | Approved 2026-01-12 | Guild | src/__Tests/Integration/StellaOps.Integration.Unknowns/StellaOps.Integration.Unknowns.csproj - APPLY |
| 451 | AUDIT-0151-M | DONE | Revalidated 2026-01-12 | Guild | src/__Tests/interop/StellaOps.Interop.Tests/StellaOps.Interop.Tests.csproj - MAINT |
| 452 | AUDIT-0151-T | DONE | Revalidated 2026-01-12 | Guild | src/__Tests/interop/StellaOps.Interop.Tests/StellaOps.Interop.Tests.csproj - TEST |
| 453 | AUDIT-0151-A | TODO | Approved 2026-01-12 | Guild | src/__Tests/interop/StellaOps.Interop.Tests/StellaOps.Interop.Tests.csproj - APPLY |
| 453 | AUDIT-0151-A | TODO | Partial applied 2026-01-13; ToolManager wiring/tests + skip gating; remaining parity/schema TODOs | Guild | src/__Tests/interop/StellaOps.Interop.Tests/StellaOps.Interop.Tests.csproj - APPLY |
| 454 | AUDIT-0152-M | DONE | Revalidated 2026-01-12 | Guild | src/__Tests/offline/StellaOps.Offline.E2E.Tests/StellaOps.Offline.E2E.Tests.csproj - MAINT |
| 455 | AUDIT-0152-T | DONE | Revalidated 2026-01-12 | Guild | src/__Tests/offline/StellaOps.Offline.E2E.Tests/StellaOps.Offline.E2E.Tests.csproj - TEST |
| 456 | AUDIT-0152-A | TODO | Approved 2026-01-12 | Guild | src/__Tests/offline/StellaOps.Offline.E2E.Tests/StellaOps.Offline.E2E.Tests.csproj - APPLY |
@@ -6988,6 +6988,7 @@ Bulk task definitions (applies to every project row below):
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2026-01-13 | Applied Concelier.WebService hotlist (AUDIT-0242-A/AUDIT-0417-A): TimeProvider timestamps, ASCII cleanup, federation tests. | Project Mgmt |
| 2026-01-14 | Applied Scanner.Sources hotlist (AUDIT-0684-A/AUDIT-0738-A): deterministic IDs/time, tenant lookup, cursor encoding, Docker reference handling, SSH connection test, handler/trigger/persistence tests. | Project Mgmt |
| 2026-01-07 | Revalidated AUDIT-0774 (PolicySchemaExporter.Tests); added AGENTS/TASKS; updated audit report. | Codex |
| 2026-01-07 | Revalidated AUDIT-0773 (PolicyDslValidator.Tests); added AGENTS/TASKS; updated audit report. | Codex |
| 2026-01-07 | Revalidated AUDIT-0772 (NotifySmokeCheck.Tests); added AGENTS/TASKS; updated audit report. | Codex |

19
docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229_049_BE_csproj_audit_report.md
View File

@@ -5027,18 +5027,11 @@
- QUALITY: Perf smoke tests emit non-ASCII multiplication glyphs in output strings and comments. `src/Scanner/__Tests/StellaOps.Scanner.SmartDiff.Tests/Benchmarks/SmartDiffPerfSmokeTests.cs`
- Disposition: waived (test project; revalidated 2026-01-08).
### src/Scanner/__Libraries/StellaOps.Scanner.Sources/StellaOps.Scanner.Sources.csproj
- MAINT: Domain and service paths use Guid.NewGuid and DateTimeOffset.UtcNow fallbacks, violating deterministic ID/time rules. `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Domain/SbomSource.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Domain/SbomSourceRun.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Triggers/TriggerContext.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Services/SbomSourceService.cs`
- QUALITY: SourceTriggerDispatcher calls GetByIdAsync with a null tenant id, so tenant-scoped queries can fail and scheduled dispatch can never find sources. `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Triggers/SourceTriggerDispatcher.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Persistence/SbomSourceRepository.cs`
- MAINT: Cursor parsing uses int.Parse without InvariantCulture, and SemVer parsing uses int.Parse with current culture. `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Persistence/SbomSourceRepository.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Persistence/SbomSourceRunRepository.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Handlers/Docker/ImageDiscovery.cs`
- QUALITY: Docker reference parsing drops registry ports and can mis-handle `registry:5000/repo` by treating the port as a tag; BuildFullReference uses Uri.Host so ports are lost. `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Handlers/Docker/DockerSourceHandler.cs`
- QUALITY: GitConnectionTester returns success for SSH configurations without validating connectivity, yielding false positives. `src/Scanner/__Libraries/StellaOps.Scanner.Sources/ConnectionTesters/GitConnectionTester.cs`
- TEST: Coverage is limited to config validation and domain models; handlers, connection testers, trigger dispatch/scheduling, and persistence are untested. `src/Scanner/__Tests/StellaOps.Scanner.Sources.Tests/Configuration/SourceConfigValidatorTests.cs` `src/Scanner/__Tests/StellaOps.Scanner.Sources.Tests/Domain/SbomSourceTests.cs` `src/Scanner/__Tests/StellaOps.Scanner.Sources.Tests/Domain/SbomSourceRunTests.cs`
- Disposition: applied 2026-01-13; HttpClientFactory fixtures, TimeProvider request timestamps, ASCII comments, deterministic random, Task.Run removal, sync-over-async removal, tests added.
- Applied changes: deterministic IDs/time, tenant-safe lookup, invariant cursor encoding, Docker port parsing, SSH connection test correction, handler/trigger/persistence tests.
- Disposition: applied 2026-01-14; deterministic IDs/time, tenant-safe lookup, invariant cursor parsing, Docker port handling, SSH connection test correction, handler/trigger/persistence tests.
### src/Scanner/__Tests/StellaOps.Scanner.Sources.Tests/StellaOps.Scanner.Sources.Tests.csproj
- MAINT: TreatWarningsAsErrors is not set for the test project. `src/Scanner/__Tests/StellaOps.Scanner.Sources.Tests/StellaOps.Scanner.Sources.Tests.csproj`
- MAINT: Tests use Guid.NewGuid and DateTimeOffset.Parse without InvariantCulture, making runs nondeterministic. `src/Scanner/__Tests/StellaOps.Scanner.Sources.Tests/Domain/SbomSourceRunTests.cs`
- TEST: No tests cover handlers, connection testers, trigger dispatch/scheduling, or repository paging/serialization. `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Handlers` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/ConnectionTesters` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Triggers` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Persistence`
- Disposition: waived (test project; revalidated 2026-01-07).
- Applied changes: TreatWarningsAsErrors enabled, deterministic IDs/time, handler/trigger/connection/persistence tests added.
- Disposition: applied 2026-01-14; TreatWarningsAsErrors enabled, deterministic IDs/time, handler/trigger/connection/persistence tests added.
### src/Scanner/__Libraries/StellaOps.Scanner.Storage/StellaOps.Scanner.Storage.csproj
- MAINT: Catalog documents default CreatedAt/UpdatedAt to DateTime.UtcNow, bypassing TimeProvider injection and making persisted data nondeterministic. `src/Scanner/__Libraries/StellaOps.Scanner.Storage/Catalog/ArtifactDocument.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Storage/Catalog/ImageDocument.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Storage/Catalog/LayerDocument.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Storage/Catalog/EntryTraceDocument.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Storage/Catalog/JobDocument.cs`
- MAINT: EpssUpdatedEventBuilder uses Guid.NewGuid for EventId; inject IGuidGenerator instead. `src/Scanner/__Libraries/StellaOps.Scanner.Storage/Epss/Events/EpssUpdatedEvent.cs`
@@ -12404,7 +12397,7 @@
### src/Scanner/__Libraries/StellaOps.Scanner.Sources/StellaOps.Scanner.Sources.csproj
- TEST: Covered by 1 test project(s): `src/Scanner/__Tests/StellaOps.Scanner.Sources.Tests/StellaOps.Scanner.Sources.Tests.csproj`.
- MAINT: Non-deterministic time or random usage; inject TimeProvider/IGuidProvider and deterministic random sources. `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Triggers/TriggerContext.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Services/SbomSourceService.cs` `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Domain/SbomSourceRun.cs`
- MAINT: No maintainability issues detected in automated scan.
- SECURITY: No high-risk patterns detected in automated scan.
- REUSE: Referenced by 1 production project(s): `src/Scanner/StellaOps.Scanner.WebService/StellaOps.Scanner.WebService.csproj`.
- QUALITY: TODO/FIXME/HACK markers present; track cleanup. `src/Scanner/__Libraries/StellaOps.Scanner.Sources/Services/SbomSourceService.cs`
@@ -12832,7 +12825,7 @@
### src/Scanner/__Tests/StellaOps.Scanner.Sources.Tests/StellaOps.Scanner.Sources.Tests.csproj
- TEST: test project.
- MAINT: Non-deterministic time or random usage; inject TimeProvider/IGuidProvider and deterministic random sources. `src/Scanner/__Tests/StellaOps.Scanner.Sources.Tests/Domain/SbomSourceRunTests.cs`
- MAINT: No maintainability issues detected in automated scan.
- SECURITY: No high-risk patterns detected in automated scan.
- REUSE: Not applicable (non-production project).
- QUALITY: No quality patterns detected in automated scan.