feat: Add Promotion-Time Attestations for Stella Ops
- Introduced a new document for promotion-time attestations, detailing the purpose, predicate schema, producer workflow, verification flow, APIs, and security considerations.
- Implemented the `stella.ops/promotion@v1` predicate schema to capture promotion evidence including image digest, SBOM/VEX artifacts, and Rekor proof.
- Defined producer responsibilities and workflows for CLI orchestration, signer responsibilities, and Export Center integration.
- Added verification steps for auditors to validate promotion attestations offline.

feat: Create Symbol Manifest v1 Specification
- Developed a specification for Symbol Manifest v1 to provide a deterministic format for publishing debug symbols and source maps.
- Defined the manifest structure, including schema, entries, source maps, toolchain, and provenance.
- Outlined upload and verification processes, resolve APIs, runtime proxy, caching, and offline bundle generation.
- Included security considerations and related tasks for implementation.

chore: Add Ruby Analyzer with Git Sources
- Created a Gemfile and Gemfile.lock for Ruby analyzer with dependencies on git-gem, httparty, and path-gem.
- Implemented main application logic to utilize the defined gems and output their versions.
- Added expected JSON output for the Ruby analyzer to validate the integration of the new gems and their functionalities.
- Developed internal observation classes for Ruby packages, runtime edges, and capabilities, including serialization logic for observations.

test: Add tests for Ruby Analyzer
- Created test fixtures for Ruby analyzer, including Gemfile, Gemfile.lock, main application, and expected JSON output.
- Ensured that the tests validate the correct integration and functionality of the Ruby analyzer with the specified gems.
31
seed-data/analyzers/ruby/git-sources/Gemfile.lock
Normal file
@@ -0,0 +1,31 @@
|
||||
GIT
|
||||
remote: https://github.com/example/git-gem.git
|
||||
revision: 0123456789abcdef0123456789abcdef01234567
|
||||
branch: main
|
||||
specs:
|
||||
git-gem (0.5.0)
|
||||
|
||||
PATH
|
||||
remote: vendor/plugins/path-gem
|
||||
specs:
|
||||
path-gem (2.1.3)
|
||||
rake (~> 13.0)
|
||||
|
||||
GEM
|
||||
remote: https://rubygems.org/
|
||||
specs:
|
||||
httparty (0.21.0)
|
||||
multi_xml (~> 0.5)
|
||||
multi_xml (0.6.0)
|
||||
rake (13.1.0)
|
||||
|
||||
PLATFORMS
|
||||
ruby
|
||||
|
||||
DEPENDENCIES
|
||||
git-gem!
|
||||
httparty (~> 0.21.0)
|
||||
path-gem (~> 2.1)!
|
||||
|
||||
BUNDLED WITH
|
||||
2.5.10
|
||||
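Review bot: the GIT block at the top of this fixture only covers a branch-tracked source (`branch: main` plus `revision: 0123456789abcdef0123456789abcdef01234567`), so a git source pinned by `tag:` or `ref:` is never exercised by the analyzer tests. Since `git-gem!` and `path-gem (~> 2.1)!` are the two entries that do not come from `https://rubygems.org/`, the expected output should assert the source kind, the `remote`, and the pinned `revision` for them rather than only the name and version, because the branch name is mutable and the revision is the only stable identifier in the block. It is also worth checking that `rake (13.1.0)`, which appears here only as a dependency of `path-gem` and not under DEPENDENCIES, is reported as transitive. A short note beside the fixture stating that the revision and the `example/git-gem.git` remote are placeholders would keep anyone from trying to resolve them.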