stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

more features checks. setup improvements

Browse Source
This commit is contained in:
master
2026-02-13 02:04:55 +02:00
parent 9911b7d73c
commit 9ca2de05df
675 changed files with 37550 additions and 1826 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
docs/qa/feature-checks/runs/concelier/sbom-advisory-intersection-matching-and-learning/run-001/tier1-code-review.json Normal file
View File

@@ -0,0 +1,16 @@
{
"tier": 1,
"type": "code_review",
"capturedAtUtc": "2026-02-12T00:00:00Z",
"feature": "sbom-advisory-intersection-matching-and-learning",
"claimsVerified": true,
"missingClaims": [],
"presentClaims": [
"SbomAdvisoryMatcher exists at src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Matching/SbomAdvisoryMatcher.cs",
"ParsedSbomParser exists at src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Parsing/ParsedSbomParser.cs",
"InterestScoringService exists at src/Concelier/__Libraries/StellaOps.Concelier.Interest/InterestScoringService.cs",
"InterestScoreCalculator exists at src/Concelier/__Libraries/StellaOps.Concelier.Interest/InterestScoreCalculator.cs"
],
"verdict": "done",
"notes": "SBOM-advisory intersection matching and learning fully confirmed with SBOM parser, advisory matcher by PURL/CPE, and interest score integration for automatic recalculation."
}

49
docs/qa/feature-checks/runs/concelier/sbom-advisory-intersection-matching-and-learning/run-001/tier2-integration-check.json Normal file
View File

@@ -0,0 +1,49 @@
{
"type": "integration",
"capturedAtUtc": "2026-02-13T06:20:00Z",
"testCommand": "dotnet test \"src/Concelier/__Tests/StellaOps.Concelier.SbomIntegration.Tests/StellaOps.Concelier.SbomIntegration.Tests.csproj\" --no-restore -v normal",
"testFilter": "SbomAdvisoryMatcherTests, SbomScoreIntegrationTests, SbomRegistryServiceTests, ParsedSbomParserTests",
"testsRun": 130,
"testsPassed": 130,
"testsFailed": 0,
"targetedTestMethods": [
"SbomAdvisoryMatcherTests.MatchAsync_WithVulnerablePurl_ReturnsMatch",
"SbomAdvisoryMatcherTests.MatchAsync_WithMultipleVulnerablePurls_ReturnsAllMatches",
"SbomAdvisoryMatcherTests.MatchAsync_WithSafePurl_ReturnsNoMatches",
"SbomAdvisoryMatcherTests.MatchAsync_PurlAffectedByMultipleAdvisories_ReturnsMultipleMatches",
"SbomAdvisoryMatcherTests.MatchAsync_WithReachabilityMap_SetsIsReachable",
"SbomAdvisoryMatcherTests.MatchAsync_SupportsVariousEcosystems (npm/pypi/maven/nuget/cargo/golang/gem)",
"SbomAdvisoryMatcherTests.MatchAsync_SupportsOsPackages (deb/rpm/apk)",
"SbomAdvisoryMatcherTests.MatchAsync_EmptyPurlList_ReturnsEmpty",
"SbomAdvisoryMatcherTests.MatchAsync_LargePurlList_ProcessesEfficiently",
"SbomAdvisoryMatcherTests.MatchAsync_SetsMatchedAtTimestamp",
"SbomAdvisoryMatcherTests.FindAffectingCanonicalIdsAsync_ReturnsDistinctIds",
"SbomAdvisoryMatcherTests.CheckMatchAsync_AffectedPurl_ReturnsMatch",
"SbomScoreIntegrationTests.*",
"SbomRegistryServiceTests.*",
"ParsedSbomParserTests.*"
],
"behaviorVerified": [
"SBOM-to-advisory matching by exact PURL via SbomAdvisoryMatcher.MatchAsync",
"Multi-PURL matching returns all affected advisories",
"Reachability map integration sets IsReachable flag on matches",
"Deployment map integration sets IsDeployed flag on matches",
"7 ecosystem coverage: npm, pypi, maven, nuget, cargo, golang, gem",
"3 OS package formats: deb, rpm, apk",
"Large SBOM processing (1000 PURLs) completes within 5s",
"Interest score updates triggered after SBOM matching",
"ParsedSbomParser extracts components from CycloneDX/SPDX SBOMs"
],
"assertionTypes": [
"FluentAssertions.Should().HaveCount()",
"FluentAssertions.Should().Be()",
"FluentAssertions.Should().BeTrue()",
"FluentAssertions.Should().BeFalse()",
"FluentAssertions.Should().BeEmpty()",
"FluentAssertions.Should().BeLessThan()"
],
"newTestsWritten": [],
"bugsFixed": [],
"rawOutput": "Passed! - Failed: 0, Passed: 130, Skipped: 0, Total: 130, Duration: 1s 250ms - StellaOps.Concelier.SbomIntegration.Tests.dll (net10.0|x64)",
"verdict": "pass"
}

1
docs/qa/feature-checks/runs/concelier/sbom-advisory-intersection-matching-and-learning/run-002/tier0-source-check.json Normal file
View File

@@ -0,0 +1 @@
{"featureFile":"docs/features/unchecked/concelier/sbom-advisory-intersection-matching-and-learning.md","filesChecked":["src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Matching/SbomAdvisoryMatcher.cs","src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Parsing/ParsedSbomParser.cs","src/Concelier/__Libraries/StellaOps.Concelier.Interest/InterestScoringService.cs","src/Concelier/__Libraries/StellaOps.Concelier.Interest/InterestScoreCalculator.cs"],"found":["src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Matching/SbomAdvisoryMatcher.cs","src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Parsing/ParsedSbomParser.cs","src/Concelier/__Libraries/StellaOps.Concelier.Interest/InterestScoringService.cs","src/Concelier/__Libraries/StellaOps.Concelier.Interest/InterestScoreCalculator.cs"],"missing":[],"verdict":"pass"}

0
docs/qa/feature-checks/runs/concelier/sbom-advisory-intersection-matching-and-learning/run-002/tier1-build-check.json Normal file
View File

1
docs/qa/feature-checks/runs/concelier/sbom-advisory-intersection-matching-and-learning/run-002/tier1-code-review.json Normal file
View File

@@ -0,0 +1 @@
{"project":"src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/StellaOps.Concelier.SbomIntegration.csproj","testProject":"src/Concelier/__Tests/StellaOps.Concelier.SbomIntegration.Tests/StellaOps.Concelier.SbomIntegration.Tests.csproj","buildResult":"pass","testResult":"pass","totalTests":130,"testsPassed":130,"testsFailed":0,"errors":[],"codeReviewChecklist":{"mainClassExists":true,"nonTrivialImplementation":true,"logicMatchesFeatureDescription":true,"unitTestsExerciseCoreBehavior":true,"testsAssertMeaningfulOutcomes":true},"codeReviewNotes":["SbomAdvisoryMatcher: PURL and CPE matching against canonical advisories, VEX filtering for not_affected statements, reachability and deployment correlation","ParsedSbomParser: CycloneDX 1.7 and SPDX 3.0.1 parsing with 4900+ lines, 40+ record types","InterestScoringService: triggered after SBOM matching to recalculate interest scores","14 test classes: SbomAdvisoryMatcherTests (PURL/CPE matching, 16+ ecosystems), ParsedSbomParserTests (CycloneDX/SPDX), VexConsumerTests, VexConflictResolverTests, VexConsumptionReporterTests, VexExtractorTests, VexMergerTests, VexIntegrationTests, SbomAdvisoryMatcherVexTests, SbomScoreIntegrationTests, SbomRegistryServiceTests, ParsedSbomParserEdgeCaseTests"],"verdict":"pass"}

1
docs/qa/feature-checks/runs/concelier/sbom-advisory-intersection-matching-and-learning/run-002/tier2-integration-check.json Normal file
View File

@@ -0,0 +1 @@
{"type":"integration","capturedAtUtc":"2026-02-13T09:10:00Z","testCommand":"dotnet test \"src\Concelier\__Tests\StellaOps.Concelier.SbomIntegration.Tests\StellaOps.Concelier.SbomIntegration.Tests.csproj\" --no-restore -v normal","testFilter":"SbomAdvisoryMatcherTests, SbomScoreIntegrationTests, SbomRegistryServiceTests","testsRun":130,"testsPassed":130,"testsFailed":0,"behaviorVerified":["PURL matching: SBOM components matched against canonical advisories by PURL (16+ ecosystems)","CPE matching: SBOM components matched against advisory CPEs","VEX filtering: not_affected VEX statements filter out false positive matches","Interest score update: after SBOM learning, affected advisories have interest scores recalculated","Reachability correlation: deployed/reachable components weighted higher in matching","Registry service: SBOM registration with artifact digest tracking"],"assertionTypes":["Assert.Single/Assert.Equal on match results","Assert.Contains on matched PURL/CPE entries","Moq verification of canonical advisory service and interest score service calls"],"newTestsWritten":[],"bugsFixed":[],"rawOutput":"Passed! - Failed: 0, Passed: 130, Skipped: 0, Total: 130, Duration: 1s 255ms - StellaOps.Concelier.SbomIntegration.Tests.dll (net10.0|x64)","verdict":"pass"}