more features checks. setup improvements

2026-02-13 02:04:55 +02:00
parent 9911b7d73c
commit 9ca2de05df
675 changed files with 37550 additions and 1826 deletions
--- a/docs/qa/feature-checks/runs/concelier/vex-consumption-from-sbom-documents/run-001/tier1-code-review.json
+++ b/docs/qa/feature-checks/runs/concelier/vex-consumption-from-sbom-documents/run-001/tier1-code-review.json
@@ -0,0 +1,17 @@
+{
+  "tier": 1,
+  "type": "code_review",
+  "capturedAtUtc": "2026-02-12T00:00:00Z",
+  "feature": "vex-consumption-from-sbom-documents",
+  "claimsVerified": true,
+  "missingClaims": [],
+  "presentClaims": [
+    "VexConsumptionReporter exists at src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Vex/VexConsumptionReporter.cs",
+    "VexConsumptionPolicyLoader exists at src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Vex/VexConsumptionPolicyLoader.cs",
+    "VexConflictResolver exists at src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Vex/VexConflictResolver.cs",
+    "VexConsumptionOptions exists at src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Vex/VexConsumptionOptions.cs",
+    "ParsedSbomParser exists at src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/Parsing/ParsedSbomParser.cs"
+  ],
+  "verdict": "done",
+  "notes": "VEX consumption from SBOM documents fully confirmed with embedded VEX extraction via ParsedSbomParser, conflict resolution, consumption reporting, policy loading, and options."
+}
--- a/docs/qa/feature-checks/runs/concelier/vex-consumption-from-sbom-documents/run-001/tier2-integration-check.json
+++ b/docs/qa/feature-checks/runs/concelier/vex-consumption-from-sbom-documents/run-001/tier2-integration-check.json
@@ -0,0 +1,38 @@
+{
+  "type": "integration",
+  "capturedAtUtc": "2026-02-13T06:40:00Z",
+  "testCommand": "dotnet test \"src/Concelier/__Tests/StellaOps.Concelier.SbomIntegration.Tests/StellaOps.Concelier.SbomIntegration.Tests.csproj\" --filter \"FullyQualifiedName~VexExtractor|FullyQualifiedName~VexConsumer|FullyQualifiedName~VexConsumption|FullyQualifiedName~ParsedSbomParser\" --no-restore -v normal",
+  "testFilter": "VexExtractorTests, VexConsumerTests, VexConsumptionReporterTests, ParsedSbomParserTests from SbomIntegration.Tests",
+  "testsRun": 130,
+  "testsPassed": 130,
+  "testsFailed": 0,
+  "targetedTestMethods": [
+    "VexExtractorTests.CycloneDxExtractor_MapsBomRefToPurl",
+    "VexExtractorTests.SpdxExtractor_HandlesSpdxFormat",
+    "VexConsumerTests.*",
+    "VexConsumptionReporterTests.ToJson_IncludesStatements",
+    "VexConsumptionReporterTests.ToSarif_EmitsResults",
+    "ParsedSbomParserTests.*",
+    "ParsedSbomParserEdgeCaseTests.*"
+  ],
+  "behaviorVerified": [
+    "CycloneDxVexExtractor extracts embedded VEX from CycloneDX SBOMs, maps BomRef to PURL",
+    "SpdxVexExtractor handles SPDX format VEX extraction",
+    "VEX extraction maps vulnerability analysis state, justification, response, detail",
+    "Per-statement trust evaluation via VexTrustLevel (Trusted, Verified, Unverified)",
+    "VexConflictResolver resolves conflicts between embedded VEX statements",
+    "VexConsumptionReporter generates JSON reports listing all consumed VEX statements with trust",
+    "VexConsumptionReporter generates SARIF output for CI/CD integration",
+    "ParsedSbom model carries VEX data through the pipeline"
+  ],
+  "assertionTypes": [
+    "Xunit Assert.Single",
+    "Xunit Assert.Contains",
+    "Xunit Assert.True",
+    "FluentAssertions assertions"
+  ],
+  "newTestsWritten": [],
+  "bugsFixed": [],
+  "rawOutput": "Passed! - Failed: 0, Passed: 130, Skipped: 0, Total: 130, Duration: 1s 250ms - StellaOps.Concelier.SbomIntegration.Tests.dll (net10.0|x64)",
+  "verdict": "pass"
+}