git.stella-ops.org

Author	SHA1	Message	Date
master	415eff1207	feat(metrics): Implement scan metrics repository and PostgreSQL integration Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Added IScanMetricsRepository interface for scan metrics persistence and retrieval. - Implemented PostgresScanMetricsRepository for PostgreSQL database interactions, including methods for saving and retrieving scan metrics and execution phases. - Introduced methods for obtaining TTE statistics and recent scans for tenants. - Implemented deletion of old metrics for retention purposes. test(tests): Add SCA Failure Catalogue tests for FC6-FC10 - Created ScaCatalogueDeterminismTests to validate determinism properties of SCA Failure Catalogue fixtures. - Developed ScaFailureCatalogueTests to ensure correct handling of specific failure modes in the scanner. - Included tests for manifest validation, file existence, and expected findings across multiple failure cases. feat(telemetry): Integrate scan completion metrics into the pipeline - Introduced IScanCompletionMetricsIntegration interface and ScanCompletionMetricsIntegration class to record metrics upon scan completion. - Implemented proof coverage and TTE metrics recording with logging for scan completion summaries.	2025-12-16 14:00:35 +02:00
master	b55d9fa68d	Add comprehensive security tests for OWASP A03 (Injection) and A10 (SSRF) Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details - Implemented InjectionTests.cs to cover various injection vulnerabilities including SQL, NoSQL, Command, LDAP, and XPath injections. - Created SsrfTests.cs to test for Server-Side Request Forgery (SSRF) vulnerabilities, including internal URL access, cloud metadata access, and URL allowlist bypass attempts. - Introduced MaliciousPayloads.cs to store a collection of malicious payloads for testing various security vulnerabilities. - Added SecurityAssertions.cs for common security-specific assertion helpers. - Established SecurityTestBase.cs as a base class for security tests, providing common infrastructure and mocking utilities. - Configured the test project StellaOps.Security.Tests.csproj with necessary dependencies for testing.	2025-12-16 13:11:57 +02:00
master	5a480a3c2a	Add call graph fixtures for various languages and scenarios Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details Lighthouse CI / Lighthouse Audit (push) Has been cancelled Details Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Reachability Corpus Validation / validate-corpus (push) Has been cancelled Details Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Reachability Corpus Validation / determinism-check (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details - Introduced `all-edge-reasons.json` to test edge resolution reasons in .NET. - Added `all-visibility-levels.json` to validate method visibility levels in .NET. - Created `dotnet-aspnetcore-minimal.json` for a minimal ASP.NET Core application. - Included `go-gin-api.json` for a Go Gin API application structure. - Added `java-spring-boot.json` for the Spring PetClinic application in Java. - Introduced `legacy-no-schema.json` for legacy application structure without schema. - Created `node-express-api.json` for an Express.js API application structure.	2025-12-16 10:44:24 +02:00
master	4391f35d8a	Refactor SurfaceCacheValidator to simplify oldest entry calculation Add global using for Xunit in test project Enhance ImportValidatorTests with async validation and quarantine checks Implement FileSystemQuarantineServiceTests for quarantine functionality Add integration tests for ImportValidator to check monotonicity Create BundleVersionTests to validate version parsing and comparison logic Implement VersionMonotonicityCheckerTests for monotonicity checks and activation logic	2025-12-16 10:44:00 +02:00
StellaOps Bot	b1f40945b7	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details sm-remote-ci / build-and-test (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-15 09:51:11 +02:00
StellaOps Bot	8137503221	up	2025-12-15 09:23:28 +02:00
StellaOps Bot	505fe7a885	update evidence bundle to include new evidence types and implement ProofSpine integration Some checks failed Lighthouse CI / Lighthouse Audit (push) Has been cancelled Details Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details sm-remote-ci / build-and-test (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-15 09:15:30 +02:00
StellaOps Bot	b058dbe031	up	2025-12-14 23:20:14 +02:00
StellaOps Bot	00c41790f4	up Some checks failed Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details ICS/KISA Feed Refresh / refresh (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-14 18:45:56 +02:00
StellaOps Bot	2e70c9fdb6	up Some checks failed LNM Migration CI / build-runner (push) Has been cancelled Details Ledger OpenAPI CI / deprecation-check (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Airgap Sealed CI Smoke / sealed-smoke (push) Has been cancelled Details Ledger Packs CI / build-pack (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Ledger OpenAPI CI / validate-oas (push) Has been cancelled Details Ledger OpenAPI CI / check-wellknown (push) Has been cancelled Details Ledger Packs CI / verify-pack (push) Has been cancelled Details LNM Migration CI / validate-metrics (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details	2025-12-14 18:33:02 +02:00
StellaOps Bot	e2e404e705	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details console-runner-image / build-runner-image (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-14 16:24:16 +02:00
StellaOps Bot	233873f620	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Reachability Corpus Validation / validate-corpus (push) Has been cancelled Details Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Reachability Corpus Validation / determinism-check (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details	2025-12-14 15:50:38 +02:00
StellaOps Bot	f1a39c4ce3	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-13 18:08:55 +02:00
StellaOps Bot	6e45066e37	up Some checks failed Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Simulation / policy-simulate (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details	2025-12-13 09:37:15 +02:00
StellaOps Bot	999e26a48e	up	2025-12-13 02:22:15 +02:00
StellaOps Bot	564df71bfb	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-13 00:20:26 +02:00
master	3f3473ee3a	feat: add Reachability Center and Why Drawer components with tests Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details - Implemented ReachabilityCenterComponent for displaying asset reachability status with summary and filtering options. - Added ReachabilityWhyDrawerComponent to show detailed reachability evidence and call paths. - Created unit tests for both components to ensure functionality and correctness. - Updated accessibility test results for the new components.	2025-12-12 18:50:35 +02:00
StellaOps Bot	efaf3cb789	up Some checks failed Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-12 09:35:37 +02:00
master	ce5ec9c158	feat: Add in-memory implementations for issuer audit, key, repository, and trust management Some checks failed devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details - Introduced InMemoryIssuerAuditSink to retain audit entries for testing. - Implemented InMemoryIssuerKeyRepository for deterministic key storage. - Created InMemoryIssuerRepository to manage issuer records in memory. - Added InMemoryIssuerTrustRepository for managing issuer trust overrides. - Each repository utilizes concurrent collections for thread-safe operations. - Enhanced deprecation tracking with a comprehensive YAML schema for API governance.	2025-12-11 19:47:43 +02:00
master	ab22181e8b	feat: Implement PostgreSQL repositories for various entities Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details - Added BootstrapInviteRepository for managing bootstrap invites. - Added ClientRepository for handling OAuth/OpenID clients. - Introduced LoginAttemptRepository for logging login attempts. - Created OidcTokenRepository for managing OpenIddict tokens and refresh tokens. - Implemented RevocationExportStateRepository for persisting revocation export state. - Added RevocationRepository for managing revocations. - Introduced ServiceAccountRepository for handling service accounts.	2025-12-11 17:48:25 +02:00
master	0987cd6ac8	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details	2025-12-11 11:00:51 +02:00
master	b83aa1aa0b	Update Excititor ingestion plan and enhance policy endpoints for overlay integration	2025-12-11 11:00:01 +02:00
StellaOps Bot	ce1f282ce0	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details	2025-12-11 08:20:15 +02:00
StellaOps Bot	b8b493913a	up	2025-12-11 08:20:04 +02:00
StellaOps Bot	49922dff5a	up the blokcing tasks Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Risk Bundle CI / risk-bundle-build (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Risk Bundle CI / risk-bundle-offline-kit (push) Has been cancelled Details Risk Bundle CI / publish-checksums (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-11 02:32:18 +02:00
StellaOps Bot	92bc4d3a07	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-10 21:34:38 +02:00
StellaOps Bot	0ad4777259	Update SPRINT_0513_0001_0001_public_reachability_benchmark.md	2025-12-10 21:34:33 +02:00
master	b7059d523e	Refactor and update test projects, remove obsolete tests, and upgrade dependencies - Deleted obsolete test files for SchedulerAuditService and SchedulerMongoSessionFactory. - Removed unused TestDataFactory class. - Updated project files for Mongo.Tests to remove references to deleted files. - Upgraded BouncyCastle.Cryptography package to version 2.6.2 across multiple projects. - Replaced Microsoft.Extensions.Http.Polly with Microsoft.Extensions.Http.Resilience in Zastava.Webhook project. - Updated NetEscapades.Configuration.Yaml package to version 3.1.0 in Configuration library. - Upgraded Pkcs11Interop package to version 5.1.2 in Cryptography libraries. - Refactored Argon2idPasswordHasher to use BouncyCastle for hashing instead of Konscious. - Updated JsonSchema.Net package to version 7.3.2 in Microservice project. - Updated global.json to use .NET SDK version 10.0.101.	2025-12-10 19:13:29 +02:00
master	199aaf74d8	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-09 13:08:17 +02:00
master	f30805ad7f	up	2025-12-09 10:50:15 +02:00
StellaOps Bot	108d1c64b3	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details cryptopro-linux-csp / build-and-test (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details sm-remote-ci / build-and-test (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-09 09:38:09 +02:00
StellaOps Bot	bc0762e97d	up	2025-12-09 00:20:52 +02:00
StellaOps Bot	3d01bf9edc	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Risk Bundle CI / risk-bundle-build (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Risk Bundle CI / risk-bundle-offline-kit (push) Has been cancelled Details Risk Bundle CI / publish-checksums (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-07 23:38:50 +02:00
StellaOps Bot	68bc53a07b	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details	2025-12-07 23:07:09 +02:00
StellaOps Bot	4b124fb056	update exportcenter_ii and fix Sm2AttestorTests	2025-12-07 22:51:01 +02:00
StellaOps Bot	7c24ed96ee	up	2025-12-07 22:49:53 +02:00
StellaOps Bot	11597679ed	feat: Implement BerkeleyDB reader for RPM databases Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details console-runner-image / build-runner-image (push) Has been cancelled Details wine-csp-build / Build Wine CSP Image (push) Has been cancelled Details wine-csp-build / Integration Tests (push) Has been cancelled Details wine-csp-build / Security Scan (push) Has been cancelled Details wine-csp-build / Generate SBOM (push) Has been cancelled Details wine-csp-build / Publish Image (push) Has been cancelled Details wine-csp-build / Air-Gap Bundle (push) Has been cancelled Details wine-csp-build / Test Summary (push) Has been cancelled Details - Added BerkeleyDbReader class to read and extract RPM header blobs from BerkeleyDB hash databases. - Implemented methods to detect BerkeleyDB format and extract values, including handling of page sizes and magic numbers. - Added tests for BerkeleyDbReader to ensure correct functionality and header extraction. feat: Add Yarn PnP data tests - Created YarnPnpDataTests to validate package resolution and data loading from Yarn PnP cache. - Implemented tests for resolved keys, package presence, and loading from cache structure. test: Add egg-info package fixtures for Python tests - Created egg-info package fixtures for testing Python analyzers. - Included PKG-INFO, entry_points.txt, and installed-files.txt for comprehensive coverage. test: Enhance RPM database reader tests - Added tests for RpmDatabaseReader to validate fallback to legacy packages when SQLite is missing. - Implemented helper methods to create legacy package files and RPM headers for testing. test: Implement dual signing tests - Added DualSignTests to validate secondary signature addition when configured. - Created stub implementations for crypto providers and key resolvers to facilitate testing. chore: Update CI script for Playwright Chromium installation - Modified ci-console-exports.sh to ensure deterministic Chromium binary installation for console exports tests. - Added checks for Windows compatibility and environment variable setups for Playwright browsers.	2025-12-07 16:24:45 +02:00
StellaOps Bot	e3f28a21ab	ops/devops: fix console runner build paths and log built image	2025-12-07 15:23:08 +02:00
StellaOps Bot	a403979177	ops/devops: add console runner image CI build	2025-12-07 15:12:34 +02:00
StellaOps Bot	b8641b1959	ops/devops: add offline console runner image scaffold	2025-12-07 15:09:30 +02:00
StellaOps Bot	98e6b76584	Add post-quantum cryptography support with PqSoftCryptoProvider Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details wine-csp-build / Build Wine CSP Image (push) Has been cancelled Details - Implemented PqSoftCryptoProvider for software-only post-quantum algorithms (Dilithium3, Falcon512) using BouncyCastle. - Added PqSoftProviderOptions and PqSoftKeyOptions for configuration. - Created unit tests for Dilithium3 and Falcon512 signing and verification. - Introduced EcdsaPolicyCryptoProvider for compliance profiles (FIPS/eIDAS) with explicit allow-lists. - Added KcmvpHashOnlyProvider for KCMVP baseline compliance. - Updated project files and dependencies for new libraries and testing frameworks.	2025-12-07 15:04:19 +02:00
StellaOps Bot	862bb6ed80	ops/devops: enable console PR CI; document cache seeding	2025-12-07 12:51:28 +00:00
StellaOps Bot	bd2529502e	feat: Implement Wine CSP HTTP provider for GOST cryptographic operations Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details - Added WineCspHttpProvider class to interface with Wine-hosted CryptoPro CSP. - Implemented ICryptoProvider, ICryptoProviderDiagnostics, and IDisposable interfaces. - Introduced WineCspHttpSigner and WineCspHttpHasher for signing and hashing operations. - Created WineCspProviderOptions for configuration settings including service URL and key options. - Developed CryptoProGostSigningService to handle GOST signing operations and key management. - Implemented HTTP service for the Wine CSP with endpoints for signing, verification, and hashing. - Added Swagger documentation for API endpoints. - Included health checks and error handling for service availability. - Established DTOs for request and response models in the service.	2025-12-07 14:02:42 +02:00
StellaOps Bot	965cbf9574	Add unit tests for PhpFrameworkSurface and PhpPharScanner Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details - Implement comprehensive tests for PhpFrameworkSurface, covering scenarios such as empty surfaces, presence of routes, controllers, middlewares, CLI commands, cron jobs, and event listeners. - Validate metadata creation for route counts, HTTP methods, protected and public routes, and route patterns. - Introduce tests for PhpPharScanner, including handling of non-existent files, null or empty paths, invalid PHAR files, and minimal PHAR structures. - Ensure correct computation of SHA256 for valid PHAR files and validate the properties of PhpPharArchive, PhpPharEntry, and PhpPharScanResult.	2025-12-07 13:44:13 +02:00
StellaOps Bot	af30fc322f	ops/devops: add console offline runner spec and CI skeleton	2025-12-07 11:38:46 +00:00
StellaOps Bot	e53a282fbe	feat: Add native binary analyzer test utilities and implement SM2 signing tests Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details - Introduced `NativeTestBase` class for ELF, PE, and Mach-O binary parsing helpers and assertions. - Created `TestCryptoFactory` for SM2 cryptographic provider setup and key generation. - Implemented `Sm2SigningTests` to validate signing functionality with environment gate checks. - Developed console export service and store with comprehensive unit tests for export status management.	2025-12-07 13:12:41 +02:00
StellaOps Bot	8a72779c16	ops: add mock-ready VEX/Vuln runbooks	2025-12-07 00:09:24 +00:00
StellaOps Bot	e0f6efecce	Add comprehensive tests for Go and Python version conflict detection and licensing normalization - Implemented GoVersionConflictDetectorTests to validate pseudo-version detection, conflict analysis, and conflict retrieval for Go modules. - Created VersionConflictDetectorTests for Python to assess conflict detection across various version scenarios, including major, minor, and patch differences. - Added SpdxLicenseNormalizerTests to ensure accurate normalization of SPDX license strings and classifiers. - Developed VendoredPackageDetectorTests to identify vendored packages and extract embedded packages from Python packages, including handling of vendor directories and known vendored packages.	2025-12-07 01:51:37 +02:00
StellaOps Bot	98934170ca	ops: add policy incident runbook draft	2025-12-06 23:30:12 +00:00
StellaOps Bot	69651212ec	feat: Implement CVSS receipt management client and models Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-07 01:14:28 +02:00

1 2 3 4 5

222 Commits