stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Add receipt input JSON and SHA256 hash for CVSS policy scoring tests

Browse Source 
- Introduced a new JSON fixture `receipt-input.json` containing base, environmental, and threat metrics for CVSS scoring.
- Added corresponding SHA256 hash file `receipt-input.sha256` to ensure integrity of the JSON fixture.
This commit is contained in:
StellaOps Bot
2025-12-04 07:30:42 +02:00
parent 2d079d61ed
commit e1262eb916
91 changed files with 19493 additions and 187 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/modules/scanner/fixtures/adapters/mapping-slsa12-to-slsa10.csv Normal file
View File

@@ -0,0 +1,10 @@
source_field,target_field,rule,notes
builder.id,builder.id,copy,""
builder.version,builder.version,copy,""
invocation.configSource.uri,configSource.uri,copy,""
invocation.configSource.digest,configSource.digest,copy,""
materials[],materials[],copy,"Keep materials but drop integrity fields unsupported in 1.0"
subject[],subject[],copy,""
provenance.dsse,metadata.buildInvocationID,copy,"Use DSSE hash as buildInvocationID placeholder"
metadata.startedOn,metadata.buildStartedOn,copy,""
metadata.finishedOn,metadata.buildFinishedOn,copy,""
1 source_field target_field rule notes
2 builder.id builder.id copy
3 builder.version builder.version copy
4 invocation.configSource.uri configSource.uri copy
5 invocation.configSource.digest configSource.digest copy
6 materials[] materials[] copy Keep materials but drop integrity fields unsupported in 1.0
7 subject[] subject[] copy
8 provenance.dsse metadata.buildInvocationID copy Use DSSE hash as buildInvocationID placeholder
9 metadata.startedOn metadata.buildStartedOn copy
10 metadata.finishedOn metadata.buildFinishedOn copy