Add comprehensive tests for PathConfidenceScorer, PathEnumerator, ShellSymbolicExecutor, and SymbolicState

- Implemented unit tests for PathConfidenceScorer to evaluate path scoring under various conditions, including empty constraints, known and unknown constraints, environmental dependencies, and custom weights. - Developed tests for PathEnumerator to ensure correct path enumeration from simple scripts, handling known environments, and respecting maximum paths and depth limits. - Created tests for ShellSymbolicExecutor to validate execution of shell scripts, including handling of commands, branching, and environment tracking. - Added tests for SymbolicState to verify state management, variable handling, constraint addition, and environment dependency collection.
2025-12-20 14:03:31 +02:00
parent 0ada1b583f
commit ce8cdcd23d
71 changed files with 12438 additions and 3349 deletions
--- a/src/Excititor/__Libraries/StellaOps.Excititor.Core/VexQuery.cs
+++ b/src/Excititor/__Libraries/StellaOps.Excititor.Core/VexQuery.cs
@@ -124,7 +124,9 @@ public sealed partial record VexQuerySignature
            components.Add($"view={query.View}");
        }

-        return new VexQuerySignature(string.Join('&', components));
+        // Empty query signature uses "*" to indicate "all" / no filters
+        var signature = components.Count > 0 ? string.Join('&', components) : "*";
+        return new VexQuerySignature(signature);
    }

    public VexContentAddress ComputeHash()
--- a/src/Excititor/__Libraries/StellaOps.Excititor.Formats.CSAF/CsafExporter.cs
+++ b/src/Excititor/__Libraries/StellaOps.Excititor.Formats.CSAF/CsafExporter.cs
@@ -434,10 +434,10 @@ public sealed class CsafExporter : IVexExporter
 }

 internal sealed record CsafExportDocument(
-    CsafDocumentSection Document,
-    CsafProductTreeSection ProductTree,
-    ImmutableArray<CsafExportVulnerability> Vulnerabilities,
-    CsafExportMetadata Metadata);
+    [property: JsonPropertyName("document")] CsafDocumentSection Document,
+    [property: JsonPropertyName("product_tree")] CsafProductTreeSection ProductTree,
+    [property: JsonPropertyName("vulnerabilities")] ImmutableArray<CsafExportVulnerability> Vulnerabilities,
+    [property: JsonPropertyName("metadata")] CsafExportMetadata Metadata);

 internal sealed record CsafDocumentSection(
    [property: JsonPropertyName("category")] string Category,
--- a/src/Excititor/__Libraries/StellaOps.Excititor.Formats.CycloneDX/StellaOps.Excititor.Formats.CycloneDX.csproj
+++ b/src/Excititor/__Libraries/StellaOps.Excititor.Formats.CycloneDX/StellaOps.Excititor.Formats.CycloneDX.csproj
@@ -6,6 +6,9 @@
    <ImplicitUsings>enable</ImplicitUsings>
    <TreatWarningsAsErrors>false</TreatWarningsAsErrors>
  </PropertyGroup>
+  <ItemGroup>
+    <InternalsVisibleTo Include="StellaOps.Excititor.Formats.CycloneDX.Tests" />
+  </ItemGroup>
  <ItemGroup>
    <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="10.0.0" />
    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="10.0.0" />
--- a/src/Excititor/__Libraries/StellaOps.Excititor.Formats.OpenVEX/OpenVexExporter.cs
+++ b/src/Excititor/__Libraries/StellaOps.Excititor.Formats.OpenVEX/OpenVexExporter.cs
@@ -3,6 +3,8 @@ using System.Collections.Immutable;
 using System.Globalization;
 using System.IO;
 using System.Linq;
+using System.Reflection;
+using System.Runtime.Serialization;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json.Serialization;
@@ -118,7 +120,7 @@ public sealed class OpenVexExporter : IVexExporter
        var sources = statement.Sources
            .Select(source => new OpenVexExportSource(
                Provider: source.ProviderId,
-                Status: source.Status.ToString().ToLowerInvariant(),
+                Status: ToEnumMemberValue(source.Status),
                Justification: source.Justification?.ToString().ToLowerInvariant(),
                DocumentDigest: source.DocumentDigest,
                SourceUri: source.DocumentSource.ToString(),
@@ -141,7 +143,7 @@ public sealed class OpenVexExporter : IVexExporter
        return new OpenVexExportStatement(
            Id: statementId,
            Vulnerability: statement.VulnerabilityId,
-            Status: statement.Status.ToString().ToLowerInvariant(),
+            Status: ToEnumMemberValue(statement.Status),
            Justification: statement.Justification?.ToString().ToLowerInvariant(),
            Timestamp: statement.FirstObserved.UtcDateTime.ToString("O", CultureInfo.InvariantCulture),
            LastUpdated: statement.LastObserved.UtcDateTime.ToString("O", CultureInfo.InvariantCulture),
@@ -150,6 +152,13 @@ public sealed class OpenVexExporter : IVexExporter
            Sources: sources);
    }

+    private static string ToEnumMemberValue<TEnum>(TEnum value) where TEnum : struct, Enum
+    {
+        var memberInfo = typeof(TEnum).GetField(value.ToString());
+        var attribute = memberInfo?.GetCustomAttribute<EnumMemberAttribute>();
+        return attribute?.Value ?? value.ToString().ToLowerInvariant();
+    }
+
    private static string NormalizeProductKey(string key)
    {
        if (string.IsNullOrWhiteSpace(key))