stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

Add receipt input JSON and SHA256 hash for CVSS policy scoring tests

Browse Source 
- Introduced a new JSON fixture `receipt-input.json` containing base, environmental, and threat metrics for CVSS scoring.
- Added corresponding SHA256 hash file `receipt-input.sha256` to ensure integrity of the JSON fixture.
This commit is contained in:
StellaOps Bot
2025-12-04 07:30:42 +02:00
parent 2d079d61ed
commit e1262eb916
91 changed files with 19493 additions and 187 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/modules/scanner/fixtures/adapters/README.md
View File

@@ -2,3 +2,7 @@
- Location for mapping CSVs converting CVSS v4→v3.1, CDX 1.7→1.6, SLSA 1.2→1.0.
- Each CSV must include BLAKE3 and SHA256 hash recorded in accompanying `hashes.txt`.
- Adapters are pure (no network); determinism enforced in CI.
- Files added:
- `mapping-cvss4-to-cvss3.csv`
- `mapping-slsa12-to-slsa10.csv`
- `mapping-cdx17-to-cdx16.csv` (placeholder empty; fill once downgrade rules freeze).