stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
docs/features/checked/scanner/sarif-2-1-0-export-system.md Normal file
View File

@@ -0,0 +1,44 @@
# SARIF 2.1.0 Export System (Findings, SmartDiff, GitHub Code Scanning)
## Module
Scanner
## Status
VERIFIED
## Description
Full SARIF 2.1.0 export service with rule registry (STELLA-VULN, STELLA-SEC, STELLA-SC, STELLA-BIN taxonomy), fingerprint generation, schema validation, export options, and dedicated library. Exports both main findings and SmartDiff results (rules SDIFF001-004). GitHub code scanning integration endpoints and IDE-compatible output.
## Implementation Details
- **SARIF Export Service**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Sarif/SarifExportService.cs` - `SarifExportService` converts scanner findings into SARIF 2.1.0 format documents
- `src/Scanner/__Libraries/StellaOps.Scanner.Sarif/ISarifExportService.cs` - Interface for SARIF export
- `src/Scanner/__Libraries/StellaOps.Scanner.Sarif/SarifExportOptions.cs` - `SarifExportOptions` controlling export behavior (include SmartDiff, fingerprints, etc.)
- **Rule Registry**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Sarif/Rules/SarifRuleRegistry.cs` - `SarifRuleRegistry` maintaining the taxonomy of SARIF rules (STELLA-VULN, STELLA-SEC, STELLA-SC, STELLA-BIN) and SmartDiff rules (SDIFF001-004)
- `src/Scanner/__Libraries/StellaOps.Scanner.Sarif/Rules/ISarifRuleRegistry.cs` - Interface for rule registry
- **Fingerprint Generation**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Sarif/Fingerprints/FingerprintGenerator.cs` - `FingerprintGenerator` produces deterministic fingerprints for SARIF results to enable deduplication
- `src/Scanner/__Libraries/StellaOps.Scanner.Sarif/Fingerprints/IFingerprintGenerator.cs` - Interface for fingerprint generation
- **Models**:
- `src/Scanner/__Libraries/StellaOps.Scanner.Sarif/Models/SarifModels.cs` - SARIF 2.1.0 data models (SarifLog, Run, Result, Rule, Location, etc.)
- `src/Scanner/__Libraries/StellaOps.Scanner.Sarif/FindingInput.cs` - `FindingInput` model converting scanner findings into SARIF-compatible input
## E2E Test Plan
- [ ] Export scanner findings in SARIF 2.1.0 format and verify the output validates against the SARIF 2.1.0 JSON schema
- [ ] Verify the rule registry includes all expected rule IDs (STELLA-VULN-*, STELLA-SEC-*, STELLA-SC-*, STELLA-BIN-*) with correct taxonomy metadata
- [ ] Verify SmartDiff results are exported with rules SDIFF001-004 and include change context (added/removed/modified findings)
- [ ] Verify fingerprint generation produces deterministic fingerprints for the same finding across exports
- [ ] Verify the SARIF output is compatible with GitHub code scanning upload format (correct schema version, tool information, and result structure)
- [ ] Verify `SarifExportOptions` correctly controls which findings are included (e.g., filtering by severity, including/excluding SmartDiff)
---
## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source files exist | PASS |
| Tier 1 - Build + code review | PASS |
| Tier 2 - Integration tests | PASS |
| Verified | 2026-02-13T18:10:00Z |