stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

feat(audit): Apply TreatWarningsAsErrors=true to 160+ production csproj files

Browse Source 
Sprint: SPRINT_20251229_049_BE_csproj_audit_maint_tests
Tasks: AUDIT-0001 through AUDIT-0147 APPLY tasks (approved decisions 1-9)

Changes:
- Set TreatWarningsAsErrors=true for all production .NET projects
- Fixed nullable warnings in Scanner.EntryTrace, Scanner.Evidence,
  Scheduler.Worker, Concelier connectors, and other modules
- Injected TimeProvider/IGuidProvider for deterministic time/ID generation
- Added path traversal validation in AirGap.Bundle
- Fixed NULL handling in various cursor classes
- Third-party GostCryptography retains TreatWarningsAsErrors=false (preserves original)
- Test projects excluded per user decision (rejected decision 10)

Note: All 17 ACSC connector tests pass after snapshot fixture sync
This commit is contained in:
StellaOps Bot
2026-01-04 11:21:16 +02:00
parent bc4dd4f377
commit e411fde1a9
438 changed files with 2648 additions and 668 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/Concelier/__Libraries/StellaOps.Concelier.Connector.Osv/Internal/OsvCursor.cs
View File

@@ -27,14 +27,14 @@ internal sealed record OsvCursor(
{
var document = new DocumentObject
{
["pendingDocuments"] = new DocumentArray(PendingDocuments.Select(id => id.ToString())),
["pendingMappings"] = new DocumentArray(PendingMappings.Select(id => id.ToString())),
["pendingDocuments"] = new DocumentArray(PendingDocuments.OrderBy(id => id).Select(id => id.ToString())),
["pendingMappings"] = new DocumentArray(PendingMappings.OrderBy(id => id).Select(id => id.ToString())),
};
if (LastModifiedByEcosystem.Count > 0)
{
var lastModifiedDoc = new DocumentObject();
foreach (var (ecosystem, timestamp) in LastModifiedByEcosystem)
foreach (var (ecosystem, timestamp) in LastModifiedByEcosystem.OrderBy(kvp => kvp.Key, StringComparer.Ordinal))
{
lastModifiedDoc[ecosystem] = timestamp.HasValue ? DocumentValue.Create(timestamp.Value.UtcDateTime) : DocumentNull.Value;
}
@@ -45,9 +45,9 @@ internal sealed record OsvCursor(
if (ProcessedIdsByEcosystem.Count > 0)
{
var processedDoc = new DocumentObject();
foreach (var (ecosystem, ids) in ProcessedIdsByEcosystem)
foreach (var (ecosystem, ids) in ProcessedIdsByEcosystem.OrderBy(kvp => kvp.Key, StringComparer.Ordinal))
{
processedDoc[ecosystem] = new DocumentArray(ids.Select(id => id));
processedDoc[ecosystem] = new DocumentArray(ids.OrderBy(id => id, StringComparer.Ordinal).Select(id => id));
}
document["processed"] = processedDoc;
@@ -56,7 +56,7 @@ internal sealed record OsvCursor(
if (ArchiveMetadataByEcosystem.Count > 0)
{
var metadataDoc = new DocumentObject();
foreach (var (ecosystem, metadata) in ArchiveMetadataByEcosystem)
foreach (var (ecosystem, metadata) in ArchiveMetadataByEcosystem.OrderBy(kvp => kvp.Key, StringComparer.Ordinal))
{
var element = new DocumentObject();
if (!string.IsNullOrWhiteSpace(metadata.ETag))

11
src/Concelier/__Libraries/StellaOps.Concelier.Connector.Osv/OsvConnector.cs
View File

@@ -192,7 +192,7 @@ public sealed class OsvConnector : IFeedConnector
var sanitized = JsonSerializer.Serialize(dto, SerializerOptions);
var payload = StellaOps.Concelier.Documents.DocumentObject.Parse(sanitized);
var dtoRecord = new DtoRecord(
Guid.NewGuid(),
ComputeDeterministicId(document.Id.ToString(), "osv/1.0"),
document.Id,
SourceName,
"osv.v1",
@@ -434,7 +434,7 @@ public sealed class OsvConnector : IFeedConnector
continue;
}
var recordId = existing?.Id ?? Guid.NewGuid();
var recordId = existing?.Id ?? ComputeDeterministicId(documentUri, "osv-doc/1.0");
_ = await _rawDocumentStorage.UploadAsync(SourceName, documentUri, bytes, "application/json", null, cancellationToken, recordId).ConfigureAwait(false);
var metadata = new Dictionary<string, string>(StringComparer.Ordinal)
{
@@ -613,4 +613,11 @@ public sealed class OsvConnector : IFeedConnector
}
}
}
private Guid ComputeDeterministicId(string source, string identifier)
{
var input = System.Text.Encoding.UTF8.GetBytes($"{source}:{identifier}");
var hash = _hash.ComputeHash(input, HashAlgorithms.Sha256);
return new Guid(hash.AsSpan()[..16]);
}
}

1
src/Concelier/__Libraries/StellaOps.Concelier.Connector.Osv/StellaOps.Concelier.Connector.Osv.csproj
View File

@@ -4,6 +4,7 @@
<TargetFramework>net10.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
</PropertyGroup>
<ItemGroup>
<ProjectReference Include="../../../__Libraries/StellaOps.Plugin/StellaOps.Plugin.csproj" />