save progress

2026-01-09 18:27:36 +02:00
parent e608752924
commit a21d3dbc1f
361 changed files with 63068 additions and 1192 deletions
--- a/src/VexLens/__Libraries/StellaOps.VexLens.Spdx3/VulnerabilityElementBuilder.cs
+++ b/src/VexLens/__Libraries/StellaOps.VexLens.Spdx3/VulnerabilityElementBuilder.cs
@@ -49,27 +49,27 @@ public sealed class VulnerabilityElementBuilder
        {
            _externalIdentifiers.Add(new Spdx3ExternalIdentifier
            {
-                ExternalIdentifierType = "cve",
+                ExternalIdentifierType = Spdx3ExternalIdentifierType.Cve,
                Identifier = vulnerabilityId,
-                IdentifierLocator = ImmutableArray.Create($"https://nvd.nist.gov/vuln/detail/{vulnerabilityId}")
+                Comment = $"https://nvd.nist.gov/vuln/detail/{vulnerabilityId}"
            });
        }
        else if (vulnerabilityId.StartsWith("GHSA-", StringComparison.OrdinalIgnoreCase))
        {
            _externalIdentifiers.Add(new Spdx3ExternalIdentifier
            {
-                ExternalIdentifierType = "ghsa",
+                ExternalIdentifierType = Spdx3ExternalIdentifierType.SecurityOther,
                Identifier = vulnerabilityId,
-                IdentifierLocator = ImmutableArray.Create($"https://github.com/advisories/{vulnerabilityId}")
+                Comment = $"GitHub Security Advisory: https://github.com/advisories/{vulnerabilityId}"
            });
        }
        else if (vulnerabilityId.StartsWith("OSV-", StringComparison.OrdinalIgnoreCase))
        {
            _externalIdentifiers.Add(new Spdx3ExternalIdentifier
            {
-                ExternalIdentifierType = "osv",
+                ExternalIdentifierType = Spdx3ExternalIdentifierType.SecurityOther,
                Identifier = vulnerabilityId,
-                IdentifierLocator = ImmutableArray.Create($"https://osv.dev/vulnerability/{vulnerabilityId}")
+                Comment = $"OSV Vulnerability: https://osv.dev/vulnerability/{vulnerabilityId}"
            });
        }

@@ -119,7 +119,7 @@ public sealed class VulnerabilityElementBuilder
        ArgumentException.ThrowIfNullOrWhiteSpace(cveId);
        _externalRefs.Add(new Spdx3ExternalRef
        {
-            ExternalRefType = "securityAdvisory",
+            ExternalRefType = Spdx3ExternalRefType.SecurityAdvisory,
            Locator = ImmutableArray.Create($"https://nvd.nist.gov/vuln/detail/{cveId}")
        });
        return this;
@@ -135,7 +135,7 @@ public sealed class VulnerabilityElementBuilder
        ArgumentException.ThrowIfNullOrWhiteSpace(vulnerabilityId);
        _externalRefs.Add(new Spdx3ExternalRef
        {
-            ExternalRefType = "securityAdvisory",
+            ExternalRefType = Spdx3ExternalRefType.SecurityAdvisory,
            Locator = ImmutableArray.Create($"https://osv.dev/vulnerability/{vulnerabilityId}")
        });
        return this;
@@ -147,9 +147,8 @@ public sealed class VulnerabilityElementBuilder
    /// <param name="refType">The reference type.</param>
    /// <param name="locator">The reference URL.</param>
    /// <returns>This builder for fluent chaining.</returns>
-    public VulnerabilityElementBuilder WithExternalRef(string refType, string locator)
+    public VulnerabilityElementBuilder WithExternalRef(Spdx3ExternalRefType refType, string locator)
    {
-        ArgumentException.ThrowIfNullOrWhiteSpace(refType);
        ArgumentException.ThrowIfNullOrWhiteSpace(locator);
        _externalRefs.Add(new Spdx3ExternalRef
        {
@@ -213,57 +212,3 @@ public sealed class VulnerabilityElementBuilder
        return $"{_spdxIdPrefix.TrimEnd('/')}/vulnerability/{shortHash}";
    }
 }
-
-/// <summary>
-/// SPDX 3.0.1 External Identifier.
-/// Sprint: SPRINT_20260107_004_004 Task SP-004
-/// </summary>
-public sealed record Spdx3ExternalIdentifier
-{
-    /// <summary>
-    /// Gets or sets the external identifier type (e.g., "cve", "ghsa", "osv").
-    /// </summary>
-    public required string ExternalIdentifierType { get; init; }
-
-    /// <summary>
-    /// Gets or sets the identifier value.
-    /// </summary>
-    public required string Identifier { get; init; }
-
-    /// <summary>
-    /// Gets or sets the locator URLs for the identifier.
-    /// </summary>
-    public ImmutableArray<string> IdentifierLocator { get; init; } = ImmutableArray<string>.Empty;
-
-    /// <summary>
-    /// Gets or sets issuing authority of the identifier.
-    /// </summary>
-    public string? IssuingAuthority { get; init; }
-}
-
-/// <summary>
-/// SPDX 3.0.1 External Reference.
-/// Sprint: SPRINT_20260107_004_004 Task SP-004
-/// </summary>
-public sealed record Spdx3ExternalRef
-{
-    /// <summary>
-    /// Gets or sets the external reference type (e.g., "securityAdvisory").
-    /// </summary>
-    public required string ExternalRefType { get; init; }
-
-    /// <summary>
-    /// Gets or sets the locator URLs.
-    /// </summary>
-    public ImmutableArray<string> Locator { get; init; } = ImmutableArray<string>.Empty;
-
-    /// <summary>
-    /// Gets or sets the content type of the referenced resource.
-    /// </summary>
-    public string? ContentType { get; init; }
-
-    /// <summary>
-    /// Gets or sets a comment about the reference.
-    /// </summary>
-    public string? Comment { get; init; }
-}