git.stella-ops.org

Author	SHA1	Message	Date
master	5a480a3c2a	Add call graph fixtures for various languages and scenarios Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details Lighthouse CI / Lighthouse Audit (push) Has been cancelled Details Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Reachability Corpus Validation / validate-corpus (push) Has been cancelled Details Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Reachability Corpus Validation / determinism-check (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details - Introduced `all-edge-reasons.json` to test edge resolution reasons in .NET. - Added `all-visibility-levels.json` to validate method visibility levels in .NET. - Created `dotnet-aspnetcore-minimal.json` for a minimal ASP.NET Core application. - Included `go-gin-api.json` for a Go Gin API application structure. - Added `java-spring-boot.json` for the Spring PetClinic application in Java. - Introduced `legacy-no-schema.json` for legacy application structure without schema. - Created `node-express-api.json` for an Express.js API application structure.	2025-12-16 10:44:24 +02:00
StellaOps Bot	f1a39c4ce3	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-13 18:08:55 +02:00
StellaOps Bot	6e45066e37	up Some checks failed Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Simulation / policy-simulate (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details	2025-12-13 09:37:15 +02:00
StellaOps Bot	56e2f64d07	reachability test material	2025-11-25 23:26:46 +02:00
master	616ec73133	Refactor JSON structures for reachability cases in reachbench-2025 - Updated symbols.json for rust-axum-header-parsing-TBD to include case_id and schema_version, removing unnecessary components. - Modified vex.openvex.json for rust-axum-header-parsing-TBD to change author and role, and updated vulnerability status. - Simplified attestation.dsse.json for wordpress-core-CVE-2022-21661-sqli to remove unnecessary fields and added payloadType. - Adjusted callgraph.framework.json and callgraph.static.json for wordpress-core-CVE-2022-21661-sqli to include empty nodes and edges with updated schema_version. - Enhanced manifest.json for wordpress-core-CVE-2022-21661-sqli to include case_id and files with checksums, and updated schema_version. - Updated reachgraph.truth.json for wordpress-core-CVE-2022-21661-sqli to reflect empty paths and added case_id. - Modified sbom.cdx.json and sbom.spdx.json for wordpress-core-CVE-2022-21661-sqli to include metadata and updated specVersion. - Refined symbols.json for wordpress-core-CVE-2022-21661-sqli to include case_id and schema_version, with an empty symbols array. - Updated vex.openvex.json for wordpress-core-CVE-2022-21661-sqli to change author and role, and updated vulnerability status. - Adjusted unreachable cases for wordpress-core-CVE-2022-21661-sqli to reflect similar structural changes as reachable cases.	2025-11-19 00:24:12 +02:00
master	536f6249a6	Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Created CycloneDX and SPDX SBOM files for both reachable and unreachable images. - Added symbols.json detailing function entry and sink points in the WordPress code. - Included runtime traces for function calls in both reachable and unreachable scenarios. - Developed OpenVEX files indicating vulnerability status and justification for both cases. - Updated README for evaluator harness to guide integration with scanner output.	2025-11-08 20:53:45 +02:00

6 Commits