stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

feat(audit): Apply TreatWarningsAsErrors=true to 160+ production csproj files

Browse Source 
Sprint: SPRINT_20251229_049_BE_csproj_audit_maint_tests
Tasks: AUDIT-0001 through AUDIT-0147 APPLY tasks (approved decisions 1-9)

Changes:
- Set TreatWarningsAsErrors=true for all production .NET projects
- Fixed nullable warnings in Scanner.EntryTrace, Scanner.Evidence,
  Scheduler.Worker, Concelier connectors, and other modules
- Injected TimeProvider/IGuidProvider for deterministic time/ID generation
- Added path traversal validation in AirGap.Bundle
- Fixed NULL handling in various cursor classes
- Third-party GostCryptography retains TreatWarningsAsErrors=false (preserves original)
- Test projects excluded per user decision (rejected decision 10)

Note: All 17 ACSC connector tests pass after snapshot fixture sync
This commit is contained in:
StellaOps Bot
2026-01-04 11:21:16 +02:00
parent bc4dd4f377
commit e411fde1a9
438 changed files with 2648 additions and 668 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/Concelier/__Libraries/StellaOps.Concelier.SbomIntegration/SbomRegistryService.cs
View File

@@ -6,6 +6,8 @@
// -----------------------------------------------------------------------------
using System.Diagnostics;
using System.Security.Cryptography;
using System.Text;
using Microsoft.Extensions.Logging;
using StellaOps.Concelier.Interest;
using StellaOps.Concelier.SbomIntegration.Events;
@@ -62,7 +64,7 @@ public sealed class SbomRegistryService : ISbomRegistryService
var registration = new SbomRegistration
{
Id = Guid.NewGuid(),
Id = ComputeDeterministicRegistrationId(input.Digest, input.TenantId),
Digest = input.Digest,
Format = input.Format,
SpecVersion = input.SpecVersion,
@@ -526,4 +528,14 @@ public sealed class SbomRegistryService : ISbomRegistryService
}
#endregion
/// <summary>
/// Computes a deterministic registration ID from SBOM digest and tenant.
/// </summary>
private static Guid ComputeDeterministicRegistrationId(string digest, string tenantId)
{
var input = $"SBOM_REG:{tenantId}:{digest}";
var hashBytes = SHA256.HashData(Encoding.UTF8.GetBytes(input))[..16];
return new Guid(hashBytes);
}
}