git.stella-ops.org

Author	SHA1	Message	Date
master	5a480a3c2a	Add call graph fixtures for various languages and scenarios Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details Lighthouse CI / Lighthouse Audit (push) Has been cancelled Details Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Reachability Corpus Validation / validate-corpus (push) Has been cancelled Details Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Reachability Corpus Validation / determinism-check (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details - Introduced `all-edge-reasons.json` to test edge resolution reasons in .NET. - Added `all-visibility-levels.json` to validate method visibility levels in .NET. - Created `dotnet-aspnetcore-minimal.json` for a minimal ASP.NET Core application. - Included `go-gin-api.json` for a Go Gin API application structure. - Added `java-spring-boot.json` for the Spring PetClinic application in Java. - Introduced `legacy-no-schema.json` for legacy application structure without schema. - Created `node-express-api.json` for an Express.js API application structure.	2025-12-16 10:44:24 +02:00
StellaOps Bot	f1a39c4ce3	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-13 18:08:55 +02:00
StellaOps Bot	6e45066e37	up Some checks failed Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Simulation / policy-simulate (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details	2025-12-13 09:37:15 +02:00
StellaOps Bot	999e26a48e	up	2025-12-13 02:22:15 +02:00
StellaOps Bot	ea970ead2a	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details sdk-generator-smoke / sdk-smoke (push) Has been cancelled Details SDK Publish & Sign / sdk-publish (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-11-27 07:46:56 +02:00
StellaOps Bot	1c782897f7	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details	2025-11-26 07:47:08 +02:00
StellaOps Bot	56e2f64d07	reachability test material	2025-11-25 23:26:46 +02:00
master	10212d67c0	Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls. Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details	2025-11-20 07:50:52 +02:00
master	616ec73133	Refactor JSON structures for reachability cases in reachbench-2025 - Updated symbols.json for rust-axum-header-parsing-TBD to include case_id and schema_version, removing unnecessary components. - Modified vex.openvex.json for rust-axum-header-parsing-TBD to change author and role, and updated vulnerability status. - Simplified attestation.dsse.json for wordpress-core-CVE-2022-21661-sqli to remove unnecessary fields and added payloadType. - Adjusted callgraph.framework.json and callgraph.static.json for wordpress-core-CVE-2022-21661-sqli to include empty nodes and edges with updated schema_version. - Enhanced manifest.json for wordpress-core-CVE-2022-21661-sqli to include case_id and files with checksums, and updated schema_version. - Updated reachgraph.truth.json for wordpress-core-CVE-2022-21661-sqli to reflect empty paths and added case_id. - Modified sbom.cdx.json and sbom.spdx.json for wordpress-core-CVE-2022-21661-sqli to include metadata and updated specVersion. - Refined symbols.json for wordpress-core-CVE-2022-21661-sqli to include case_id and schema_version, with an empty symbols array. - Updated vex.openvex.json for wordpress-core-CVE-2022-21661-sqli to change author and role, and updated vulnerability status. - Adjusted unreachable cases for wordpress-core-CVE-2022-21661-sqli to reflect similar structural changes as reachable cases.	2025-11-19 00:24:12 +02:00
master	56c687253f	feat(ruby): Implement RubyManifestParser for parsing gem groups and dependencies Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details feat(ruby): Add RubyVendorArtifactCollector to collect vendor artifacts test(deno): Add golden tests for Deno analyzer with various fixtures test(deno): Create Deno module and package files for testing test(deno): Implement Deno lock and import map for dependency management test(deno): Add FFI and worker scripts for Deno testing feat(ruby): Set up Ruby workspace with Gemfile and dependencies feat(ruby): Add expected output for Ruby workspace tests feat(signals): Introduce CallgraphManifest model for signal processing	2025-11-10 09:27:03 +02:00
master	69c59defdc	feat: Implement Runtime Facts ingestion service and NDJSON reader Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Added RuntimeFactsNdjsonReader for reading NDJSON formatted runtime facts. - Introduced IRuntimeFactsIngestionService interface and its implementation. - Enhanced Program.cs to register new services and endpoints for runtime facts. - Updated CallgraphIngestionService to include CAS URI in stored artifacts. - Created RuntimeFactsValidationException for validation errors during ingestion. - Added tests for RuntimeFactsIngestionService and RuntimeFactsNdjsonReader. - Implemented SignalsSealedModeMonitor for compliance checks in sealed mode. - Updated project dependencies for testing utilities.	2025-11-10 07:56:15 +02:00
master	536f6249a6	Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Created CycloneDX and SPDX SBOM files for both reachable and unreachable images. - Added symbols.json detailing function entry and sink points in the WordPress code. - Included runtime traces for function calls in both reachable and unreachable scenarios. - Developed OpenVEX files indicating vulnerability status and justification for both cases. - Updated README for evaluator harness to guide integration with scanner output.	2025-11-08 20:53:45 +02:00

12 Commits