git.stella-ops.org

Author	SHA1	Message	Date
StellaOps Bot	3411e825cd	themesd advisories enhanced	2025-12-14 21:29:44 +02:00
StellaOps Bot	9202cd7da8	themed the bulk of advisories	2025-12-14 19:58:38 +02:00
StellaOps Bot	00c41790f4	up Some checks failed Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details ICS/KISA Feed Refresh / refresh (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-14 18:45:56 +02:00
StellaOps Bot	2e70c9fdb6	up Some checks failed LNM Migration CI / build-runner (push) Has been cancelled Details Ledger OpenAPI CI / deprecation-check (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Airgap Sealed CI Smoke / sealed-smoke (push) Has been cancelled Details Ledger Packs CI / build-pack (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Ledger OpenAPI CI / validate-oas (push) Has been cancelled Details Ledger OpenAPI CI / check-wellknown (push) Has been cancelled Details Ledger Packs CI / verify-pack (push) Has been cancelled Details LNM Migration CI / validate-metrics (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details	2025-12-14 18:33:02 +02:00
master	d233fa3529	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-14 16:24:39 +02:00
StellaOps Bot	e2e404e705	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details console-runner-image / build-runner-image (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-14 16:24:16 +02:00
master	01f4943ab9	up	2025-12-14 16:23:44 +02:00
StellaOps Bot	233873f620	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Reachability Corpus Validation / validate-corpus (push) Has been cancelled Details Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Reachability Corpus Validation / determinism-check (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details	2025-12-14 15:50:38 +02:00
StellaOps Bot	f1a39c4ce3	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-13 18:08:55 +02:00
StellaOps Bot	6e45066e37	up Some checks failed Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Simulation / policy-simulate (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details	2025-12-13 09:37:15 +02:00
StellaOps Bot	e00f6365da	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Policy Simulation / policy-simulate (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-13 02:22:54 +02:00
StellaOps Bot	999e26a48e	up	2025-12-13 02:22:15 +02:00
master	d776e93b16	add advisories Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-13 02:08:11 +02:00
StellaOps Bot	564df71bfb	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-13 00:20:26 +02:00
master	3f3473ee3a	feat: add Reachability Center and Why Drawer components with tests Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details - Implemented ReachabilityCenterComponent for displaying asset reachability status with summary and filtering options. - Added ReachabilityWhyDrawerComponent to show detailed reachability evidence and call paths. - Created unit tests for both components to ensure functionality and correctness. - Updated accessibility test results for the new components.	2025-12-12 18:50:35 +02:00
StellaOps Bot	efaf3cb789	up Some checks failed Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-12 09:35:37 +02:00
master	ce5ec9c158	feat: Add in-memory implementations for issuer audit, key, repository, and trust management Some checks failed devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details - Introduced InMemoryIssuerAuditSink to retain audit entries for testing. - Implemented InMemoryIssuerKeyRepository for deterministic key storage. - Created InMemoryIssuerRepository to manage issuer records in memory. - Added InMemoryIssuerTrustRepository for managing issuer trust overrides. - Each repository utilizes concurrent collections for thread-safe operations. - Enhanced deprecation tracking with a comprehensive YAML schema for API governance.	2025-12-11 19:47:43 +02:00
master	ab22181e8b	feat: Implement PostgreSQL repositories for various entities Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details - Added BootstrapInviteRepository for managing bootstrap invites. - Added ClientRepository for handling OAuth/OpenID clients. - Introduced LoginAttemptRepository for logging login attempts. - Created OidcTokenRepository for managing OpenIddict tokens and refresh tokens. - Implemented RevocationExportStateRepository for persisting revocation export state. - Added RevocationRepository for managing revocations. - Introduced ServiceAccountRepository for handling service accounts.	2025-12-11 17:48:25 +02:00
Vladimir Moushkov	1995883476	Add Decision Capsules, hybrid reachability, and evidence-linked VEX docs Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Introduces new marketing bridge documents for Decision Capsules, Hybrid Reachability, and Evidence-Linked VEX. Updates product vision, README, key features, moat, reachability, and VEX consensus docs to reflect four differentiating capabilities: signed reachability (hybrid static/runtime), deterministic replay, explainable policy with evidence-linked VEX, and sovereign/offline operation. All scan decisions are now described as sealed, reproducible, and audit-grade, with explicit handling of 'Unknown' states and hybrid reachability evidence.	2025-12-11 14:15:07 +02:00
master	0987cd6ac8	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details	2025-12-11 11:00:51 +02:00
master	b83aa1aa0b	Update Excititor ingestion plan and enhance policy endpoints for overlay integration	2025-12-11 11:00:01 +02:00
StellaOps Bot	ce1f282ce0	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details	2025-12-11 08:20:15 +02:00
StellaOps Bot	b8b493913a	up	2025-12-11 08:20:04 +02:00
StellaOps Bot	49922dff5a	up the blokcing tasks Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Risk Bundle CI / risk-bundle-build (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Risk Bundle CI / risk-bundle-offline-kit (push) Has been cancelled Details Risk Bundle CI / publish-checksums (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-11 02:32:18 +02:00
StellaOps Bot	92bc4d3a07	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-10 21:34:38 +02:00
StellaOps Bot	0ad4777259	Update SPRINT_0513_0001_0001_public_reachability_benchmark.md	2025-12-10 21:34:33 +02:00
master	b7059d523e	Refactor and update test projects, remove obsolete tests, and upgrade dependencies - Deleted obsolete test files for SchedulerAuditService and SchedulerMongoSessionFactory. - Removed unused TestDataFactory class. - Updated project files for Mongo.Tests to remove references to deleted files. - Upgraded BouncyCastle.Cryptography package to version 2.6.2 across multiple projects. - Replaced Microsoft.Extensions.Http.Polly with Microsoft.Extensions.Http.Resilience in Zastava.Webhook project. - Updated NetEscapades.Configuration.Yaml package to version 3.1.0 in Configuration library. - Upgraded Pkcs11Interop package to version 5.1.2 in Cryptography libraries. - Refactored Argon2idPasswordHasher to use BouncyCastle for hashing instead of Konscious. - Updated JsonSchema.Net package to version 7.3.2 in Microservice project. - Updated global.json to use .NET SDK version 10.0.101.	2025-12-10 19:13:29 +02:00
master	96e5646977	add advisories	2025-12-09 20:23:50 +02:00
master	a3c7fe5e88	add advisories Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-09 18:45:57 +02:00
master	199aaf74d8	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-09 13:08:17 +02:00
master	f30805ad7f	up	2025-12-09 10:50:15 +02:00
StellaOps Bot	108d1c64b3	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details cryptopro-linux-csp / build-and-test (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details sm-remote-ci / build-and-test (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-09 09:38:09 +02:00
StellaOps Bot	bc0762e97d	up	2025-12-09 00:20:52 +02:00
StellaOps Bot	3d01bf9edc	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Risk Bundle CI / risk-bundle-build (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Risk Bundle CI / risk-bundle-offline-kit (push) Has been cancelled Details Risk Bundle CI / publish-checksums (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-07 23:38:50 +02:00
StellaOps Bot	68bc53a07b	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details	2025-12-07 23:07:09 +02:00
StellaOps Bot	4b124fb056	update exportcenter_ii and fix Sm2AttestorTests	2025-12-07 22:51:01 +02:00
StellaOps Bot	7c24ed96ee	up	2025-12-07 22:49:53 +02:00
StellaOps Bot	11597679ed	feat: Implement BerkeleyDB reader for RPM databases Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details console-runner-image / build-runner-image (push) Has been cancelled Details wine-csp-build / Build Wine CSP Image (push) Has been cancelled Details wine-csp-build / Integration Tests (push) Has been cancelled Details wine-csp-build / Security Scan (push) Has been cancelled Details wine-csp-build / Generate SBOM (push) Has been cancelled Details wine-csp-build / Publish Image (push) Has been cancelled Details wine-csp-build / Air-Gap Bundle (push) Has been cancelled Details wine-csp-build / Test Summary (push) Has been cancelled Details - Added BerkeleyDbReader class to read and extract RPM header blobs from BerkeleyDB hash databases. - Implemented methods to detect BerkeleyDB format and extract values, including handling of page sizes and magic numbers. - Added tests for BerkeleyDbReader to ensure correct functionality and header extraction. feat: Add Yarn PnP data tests - Created YarnPnpDataTests to validate package resolution and data loading from Yarn PnP cache. - Implemented tests for resolved keys, package presence, and loading from cache structure. test: Add egg-info package fixtures for Python tests - Created egg-info package fixtures for testing Python analyzers. - Included PKG-INFO, entry_points.txt, and installed-files.txt for comprehensive coverage. test: Enhance RPM database reader tests - Added tests for RpmDatabaseReader to validate fallback to legacy packages when SQLite is missing. - Implemented helper methods to create legacy package files and RPM headers for testing. test: Implement dual signing tests - Added DualSignTests to validate secondary signature addition when configured. - Created stub implementations for crypto providers and key resolvers to facilitate testing. chore: Update CI script for Playwright Chromium installation - Modified ci-console-exports.sh to ensure deterministic Chromium binary installation for console exports tests. - Added checks for Windows compatibility and environment variable setups for Playwright browsers.	2025-12-07 16:24:45 +02:00
StellaOps Bot	e3f28a21ab	ops/devops: fix console runner build paths and log built image	2025-12-07 15:23:08 +02:00
StellaOps Bot	a403979177	ops/devops: add console runner image CI build	2025-12-07 15:12:34 +02:00
StellaOps Bot	b8641b1959	ops/devops: add offline console runner image scaffold	2025-12-07 15:09:30 +02:00
StellaOps Bot	98e6b76584	Add post-quantum cryptography support with PqSoftCryptoProvider Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details wine-csp-build / Build Wine CSP Image (push) Has been cancelled Details - Implemented PqSoftCryptoProvider for software-only post-quantum algorithms (Dilithium3, Falcon512) using BouncyCastle. - Added PqSoftProviderOptions and PqSoftKeyOptions for configuration. - Created unit tests for Dilithium3 and Falcon512 signing and verification. - Introduced EcdsaPolicyCryptoProvider for compliance profiles (FIPS/eIDAS) with explicit allow-lists. - Added KcmvpHashOnlyProvider for KCMVP baseline compliance. - Updated project files and dependencies for new libraries and testing frameworks.	2025-12-07 15:04:19 +02:00
StellaOps Bot	862bb6ed80	ops/devops: enable console PR CI; document cache seeding	2025-12-07 12:51:28 +00:00
StellaOps Bot	bd2529502e	feat: Implement Wine CSP HTTP provider for GOST cryptographic operations Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details - Added WineCspHttpProvider class to interface with Wine-hosted CryptoPro CSP. - Implemented ICryptoProvider, ICryptoProviderDiagnostics, and IDisposable interfaces. - Introduced WineCspHttpSigner and WineCspHttpHasher for signing and hashing operations. - Created WineCspProviderOptions for configuration settings including service URL and key options. - Developed CryptoProGostSigningService to handle GOST signing operations and key management. - Implemented HTTP service for the Wine CSP with endpoints for signing, verification, and hashing. - Added Swagger documentation for API endpoints. - Included health checks and error handling for service availability. - Established DTOs for request and response models in the service.	2025-12-07 14:02:42 +02:00
StellaOps Bot	965cbf9574	Add unit tests for PhpFrameworkSurface and PhpPharScanner Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details - Implement comprehensive tests for PhpFrameworkSurface, covering scenarios such as empty surfaces, presence of routes, controllers, middlewares, CLI commands, cron jobs, and event listeners. - Validate metadata creation for route counts, HTTP methods, protected and public routes, and route patterns. - Introduce tests for PhpPharScanner, including handling of non-existent files, null or empty paths, invalid PHAR files, and minimal PHAR structures. - Ensure correct computation of SHA256 for valid PHAR files and validate the properties of PhpPharArchive, PhpPharEntry, and PhpPharScanResult.	2025-12-07 13:44:13 +02:00
StellaOps Bot	af30fc322f	ops/devops: add console offline runner spec and CI skeleton	2025-12-07 11:38:46 +00:00
StellaOps Bot	e53a282fbe	feat: Add native binary analyzer test utilities and implement SM2 signing tests Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details - Introduced `NativeTestBase` class for ELF, PE, and Mach-O binary parsing helpers and assertions. - Created `TestCryptoFactory` for SM2 cryptographic provider setup and key generation. - Implemented `Sm2SigningTests` to validate signing functionality with environment gate checks. - Developed console export service and store with comprehensive unit tests for export status management.	2025-12-07 13:12:41 +02:00
StellaOps Bot	8a72779c16	ops: add mock-ready VEX/Vuln runbooks	2025-12-07 00:09:24 +00:00
StellaOps Bot	e0f6efecce	Add comprehensive tests for Go and Python version conflict detection and licensing normalization - Implemented GoVersionConflictDetectorTests to validate pseudo-version detection, conflict analysis, and conflict retrieval for Go modules. - Created VersionConflictDetectorTests for Python to assess conflict detection across various version scenarios, including major, minor, and patch differences. - Added SpdxLicenseNormalizerTests to ensure accurate normalization of SPDX license strings and classifiers. - Developed VendoredPackageDetectorTests to identify vendored packages and extract embedded packages from Python packages, including handling of vendor directories and known vendored packages.	2025-12-07 01:51:37 +02:00
StellaOps Bot	98934170ca	ops: add policy incident runbook draft	2025-12-06 23:30:12 +00:00

1 2 3 4 5 ...

285 Commits