docs: seed vuln parity sbom list with available fixtures

StellaOps Bot
2025-12-06 10:10:45 +00:00
parent 3954615e81
commit 95ff83e0f0
7 changed files with 214 additions and 180 deletions

@@ -12,10 +12,10 @@ Use this list for PG-T5b.35b.4 parity runs (Mongo vs Postgres). Keep counts d
| # | SBOM path | Ecosystem | Size | Hash (SHA256) | Notes |
|---|-----------|-----------|------|---------------|-------|
| 1 | docs/scripts/sbom-vex/sbom.json | npm | ~95 KB | <fill> | Deterministic compose sample used in sbom-vex proof. |
| 2 | <add> | go | <fill> | TODO: pick Go SBOM fixture; store under docs/db/reports/assets/vuln-parity-20251211/. |
| 3 | <add> | pypi | <fill> | TODO: pick Python SBOM fixture. |
| 4 | <add> | maven | <fill> | TODO: pick Java/Maven SBOM fixture. |
| 5 | <add> | rpm/deb | <fill> | TODO: pick OS package SBOM fixture (if available). |
| 2 | docs/examples/policies/sample-sbom.json | npm | small | <fill> | Tiny npm sample for quick parity sanity. |
| 3 | tests/Graph/StellaOps.Graph.Indexer.Tests/Fixtures/v1/sbom-snapshot.json | mixed | <fill> | Graph indexer SBOM snapshot used in tests. |
| 4 | <add: go> | go | <fill> | TODO: create/store Go SBOM under docs/db/reports/assets/vuln-parity-20251211/. |
| 5 | <add: pypi/maven/os> | pypi or maven or rpm/deb | <fill> | TODO: add one non-npm ecosystem SBOM for coverage. |
## Determinism guardrails
- Do not change sample set after hashes recorded.
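
Review bot: Rows 3, 4 and 5 of the new table carry five cells under a six-column header (#, SBOM path, Ecosystem, Size, Hash (SHA256), Notes), so their note text lands in the Hash (SHA256) column and the Notes column stays empty. Give each of those rows separate Size and Hash cells, as row 2 does. Rows 1 to 3 now name concrete fixture paths, which the commit message describes as available, so their SHA256 values could be recorded in this same change instead of staying `<fill>`; the guardrail "Do not change sample set after hashes recorded" protects nothing until they are. Row 2's Size value `small` is also harder to check than row 1's `~95 KB`.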

@@ -74,3 +74,4 @@
| 2025-11-30 | Normalised sprint to standard template and renamed file from `SPRINT_211_ui_iii.md` to `SPRINT_0211_0001_0003_ui_iii.md`; no task status changes. | Planning |
| 2025-12-06 | Corrected working directory to `src/Web/StellaOps.Web`; unblocked Delivery Tracker items accordingly. Reachability fixtures still required. | Implementer |
| 2025-12-06 | Added Policy Studio scope help text to Console Profile and introduced policy auth fixtures + seeding helper (`src/Web/StellaOps.Web/src/app/testing/auth-*.ts`) with APP_INITIALIZER hook (`window.__stellaopsTestSession`) for Cypress/e2e stubbing. | Implementer |
| 2025-12-06 | Tightened approvals guard (requires `policy:read` + review/approve) and updated workspace scope hints; attempted Playwright `tests/e2e/auth.spec.ts` with seeded session but webServer (ng serve) timed out starting locally; rerun in CI or with longer warmup. | Implementer |
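
Review bot: The added 2025-12-06 row records an authorization change (approvals guard now requires `policy:read` + review/approve) together with a Playwright run of `tests/e2e/auth.spec.ts` that timed out, so as logged the tightened guard has no passing test behind it. Spell out the review and approve scopes as literal scope strings the way `policy:read` is written, so the requirement can be checked against the guard code, and make the "rerun in CI or with longer warmup" remark a tracked follow-up that gets its own row once the spec passes.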