git.stella-ops.org

stella-ops.org/git.stella-ops.org

Fork 0

Commit Graph

Author	SHA1	Message	Date
master	536f6249a6	Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Created CycloneDX and SPDX SBOM files for both reachable and unreachable images. - Added symbols.json detailing function entry and sink points in the WordPress code. - Included runtime traces for function calls in both reachable and unreachable scenarios. - Developed OpenVEX files indicating vulnerability status and justification for both cases. - Updated README for evaluator harness to guide integration with scanner output.	2025-11-08 20:53:45 +02:00
master	2eb6852d34	Add unit tests for SBOM ingestion and transformation Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Implement `SbomIngestServiceCollectionExtensionsTests` to verify the SBOM ingestion pipeline exports snapshots correctly. - Create `SbomIngestTransformerTests` to ensure the transformation produces expected nodes and edges, including deduplication of license nodes and normalization of timestamps. - Add `SbomSnapshotExporterTests` to test the export functionality for manifest, adjacency, nodes, and edges. - Introduce `VexOverlayTransformerTests` to validate the transformation of VEX nodes and edges. - Set up project file for the test project with necessary dependencies and configurations. - Include JSON fixture files for testing purposes.	2025-11-04 07:49:39 +02:00
master	d870da18ce	Restructure solution layout by module	2025-10-28 15:10:40 +02:00

Author

SHA1

Message

Date

master

536f6249a6

Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case

Docs CI / lint-and-preview (push) Has been cancelled

Details

- Created CycloneDX and SPDX SBOM files for both reachable and unreachable images.
- Added symbols.json detailing function entry and sink points in the WordPress code.
- Included runtime traces for function calls in both reachable and unreachable scenarios.
- Developed OpenVEX files indicating vulnerability status and justification for both cases.
- Updated README for evaluator harness to guide integration with scanner output.

2025-11-08 20:53:45 +02:00

master

2eb6852d34

Add unit tests for SBOM ingestion and transformation

Docs CI / lint-and-preview (push) Has been cancelled

Details

- Implement `SbomIngestServiceCollectionExtensionsTests` to verify the SBOM ingestion pipeline exports snapshots correctly.
- Create `SbomIngestTransformerTests` to ensure the transformation produces expected nodes and edges, including deduplication of license nodes and normalization of timestamps.
- Add `SbomSnapshotExporterTests` to test the export functionality for manifest, adjacency, nodes, and edges.
- Introduce `VexOverlayTransformerTests` to validate the transformation of VEX nodes and edges.
- Set up project file for the test project with necessary dependencies and configurations.
- Include JSON fixture files for testing purposes.

2025-11-04 07:49:39 +02:00

master

d870da18ce

Restructure solution layout by module

2025-10-28 15:10:40 +02:00

3 Commits