git.stella-ops.org

Author	SHA1	Message	Date
master	811f35cba7	feat(telemetry): add telemetry client and services for tracking events - Implemented TelemetryClient to handle event queuing and flushing to the telemetry endpoint. - Created TtfsTelemetryService for emitting specific telemetry events related to TTFS. - Added tests for TelemetryClient to ensure event queuing and flushing functionality. - Introduced models for reachability drift detection, including DriftResult and DriftedSink. - Developed DriftApiService for interacting with the drift detection API. - Updated FirstSignalCardComponent to emit telemetry events on signal appearance. - Enhanced localization support for first signal component with i18n strings.	2025-12-18 16:19:16 +02:00
master	00d2c99af9	feat: add Attestation Chain and Triage Evidence API clients and models - Implemented Attestation Chain API client with methods for verifying, fetching, and managing attestation chains. - Created models for Attestation Chain, including DSSE envelope structures and verification results. - Developed Triage Evidence API client for fetching finding evidence, including methods for evidence retrieval by CVE and component. - Added models for Triage Evidence, encapsulating evidence responses, entry points, boundary proofs, and VEX evidence. - Introduced mock implementations for both API clients to facilitate testing and development.	2025-12-18 13:15:13 +02:00
StellaOps Bot	7d5250238c	save progress	2025-12-18 09:53:46 +02:00
StellaOps Bot	28823a8960	save progress	2025-12-18 09:10:36 +02:00
StellaOps Bot	b4235c134c	work work hard work	2025-12-18 00:47:24 +02:00
master	dee252940b	SPRINT_3600_0001_0001 - Reachability Drift Detection Master Plan	2025-12-18 00:02:31 +02:00
master	8bbfe4d2d2	feat(rate-limiting): Implement core rate limiting functionality with configuration, decision-making, metrics, middleware, and service registration - Add RateLimitConfig for configuration management with YAML binding support. - Introduce RateLimitDecision to encapsulate the result of rate limit checks. - Implement RateLimitMetrics for OpenTelemetry metrics tracking. - Create RateLimitMiddleware for enforcing rate limits on incoming requests. - Develop RateLimitService to orchestrate instance and environment rate limit checks. - Add RateLimitServiceCollectionExtensions for dependency injection registration.	2025-12-17 18:02:37 +02:00
master	394b57f6bf	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-16 19:01:38 +02:00
master	3a2100aa78	Add unit and integration tests for VexCandidateEmitter and SmartDiff repositories - Implemented comprehensive unit tests for VexCandidateEmitter to validate candidate emission logic based on various scenarios including absent and present APIs, confidence thresholds, and rate limiting. - Added integration tests for SmartDiff PostgreSQL repositories, covering snapshot storage and retrieval, candidate storage, and material risk change handling. - Ensured tests validate correct behavior for storing, retrieving, and querying snapshots and candidates, including edge cases and expected outcomes.	2025-12-16 19:00:43 +02:00
master	417ef83202	Add unit and integration tests for VexCandidateEmitter and SmartDiff repositories Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details - Implemented comprehensive unit tests for VexCandidateEmitter to validate candidate emission logic based on various scenarios including absent and present APIs, confidence thresholds, and rate limiting. - Added integration tests for SmartDiff PostgreSQL repositories, covering snapshot storage and retrieval, candidate storage, and material risk change handling. - Ensured tests validate correct behavior for storing, retrieving, and querying snapshots and candidates, including edge cases and expected outcomes.	2025-12-16 19:00:09 +02:00
master	2170a58734	Add comprehensive security tests for OWASP A02, A05, A07, and A08 categories Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Lighthouse CI / Lighthouse Audit (push) Has been cancelled Details Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Policy Simulation / policy-simulate (push) Has been cancelled Details - Implemented tests for Cryptographic Failures (A02) to ensure proper handling of sensitive data, secure algorithms, and key management. - Added tests for Security Misconfiguration (A05) to validate production configurations, security headers, CORS settings, and feature management. - Developed tests for Authentication Failures (A07) to enforce strong password policies, rate limiting, session management, and MFA support. - Created tests for Software and Data Integrity Failures (A08) to verify artifact signatures, SBOM integrity, attestation chains, and feed updates.	2025-12-16 16:40:44 +02:00
master	415eff1207	feat(metrics): Implement scan metrics repository and PostgreSQL integration Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Added IScanMetricsRepository interface for scan metrics persistence and retrieval. - Implemented PostgresScanMetricsRepository for PostgreSQL database interactions, including methods for saving and retrieving scan metrics and execution phases. - Introduced methods for obtaining TTE statistics and recent scans for tenants. - Implemented deletion of old metrics for retention purposes. test(tests): Add SCA Failure Catalogue tests for FC6-FC10 - Created ScaCatalogueDeterminismTests to validate determinism properties of SCA Failure Catalogue fixtures. - Developed ScaFailureCatalogueTests to ensure correct handling of specific failure modes in the scanner. - Included tests for manifest validation, file existence, and expected findings across multiple failure cases. feat(telemetry): Integrate scan completion metrics into the pipeline - Introduced IScanCompletionMetricsIntegration interface and ScanCompletionMetricsIntegration class to record metrics upon scan completion. - Implemented proof coverage and TTE metrics recording with logging for scan completion summaries.	2025-12-16 14:00:35 +02:00
master	b55d9fa68d	Add comprehensive security tests for OWASP A03 (Injection) and A10 (SSRF) Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details - Implemented InjectionTests.cs to cover various injection vulnerabilities including SQL, NoSQL, Command, LDAP, and XPath injections. - Created SsrfTests.cs to test for Server-Side Request Forgery (SSRF) vulnerabilities, including internal URL access, cloud metadata access, and URL allowlist bypass attempts. - Introduced MaliciousPayloads.cs to store a collection of malicious payloads for testing various security vulnerabilities. - Added SecurityAssertions.cs for common security-specific assertion helpers. - Established SecurityTestBase.cs as a base class for security tests, providing common infrastructure and mocking utilities. - Configured the test project StellaOps.Security.Tests.csproj with necessary dependencies for testing.	2025-12-16 13:11:57 +02:00
master	5a480a3c2a	Add call graph fixtures for various languages and scenarios Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details Lighthouse CI / Lighthouse Audit (push) Has been cancelled Details Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Reachability Corpus Validation / validate-corpus (push) Has been cancelled Details Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Reachability Corpus Validation / determinism-check (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details - Introduced `all-edge-reasons.json` to test edge resolution reasons in .NET. - Added `all-visibility-levels.json` to validate method visibility levels in .NET. - Created `dotnet-aspnetcore-minimal.json` for a minimal ASP.NET Core application. - Included `go-gin-api.json` for a Go Gin API application structure. - Added `java-spring-boot.json` for the Spring PetClinic application in Java. - Introduced `legacy-no-schema.json` for legacy application structure without schema. - Created `node-express-api.json` for an Express.js API application structure.	2025-12-16 10:44:24 +02:00
master	4391f35d8a	Refactor SurfaceCacheValidator to simplify oldest entry calculation Add global using for Xunit in test project Enhance ImportValidatorTests with async validation and quarantine checks Implement FileSystemQuarantineServiceTests for quarantine functionality Add integration tests for ImportValidator to check monotonicity Create BundleVersionTests to validate version parsing and comparison logic Implement VersionMonotonicityCheckerTests for monotonicity checks and activation logic	2025-12-16 10:44:00 +02:00
StellaOps Bot	b1f40945b7	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details sm-remote-ci / build-and-test (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-15 09:51:11 +02:00
StellaOps Bot	8137503221	up	2025-12-15 09:23:28 +02:00
StellaOps Bot	505fe7a885	update evidence bundle to include new evidence types and implement ProofSpine integration Some checks failed Lighthouse CI / Lighthouse Audit (push) Has been cancelled Details Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details sm-remote-ci / build-and-test (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-15 09:15:30 +02:00
StellaOps Bot	b058dbe031	up	2025-12-14 23:20:14 +02:00
StellaOps Bot	00c41790f4	up Some checks failed Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details ICS/KISA Feed Refresh / refresh (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-14 18:45:56 +02:00
StellaOps Bot	2e70c9fdb6	up Some checks failed LNM Migration CI / build-runner (push) Has been cancelled Details Ledger OpenAPI CI / deprecation-check (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Airgap Sealed CI Smoke / sealed-smoke (push) Has been cancelled Details Ledger Packs CI / build-pack (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Ledger OpenAPI CI / validate-oas (push) Has been cancelled Details Ledger OpenAPI CI / check-wellknown (push) Has been cancelled Details Ledger Packs CI / verify-pack (push) Has been cancelled Details LNM Migration CI / validate-metrics (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details	2025-12-14 18:33:02 +02:00
StellaOps Bot	e2e404e705	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details console-runner-image / build-runner-image (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-14 16:24:16 +02:00
StellaOps Bot	233873f620	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Reachability Corpus Validation / validate-corpus (push) Has been cancelled Details Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Reachability Corpus Validation / determinism-check (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details	2025-12-14 15:50:38 +02:00
StellaOps Bot	f1a39c4ce3	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-13 18:08:55 +02:00
StellaOps Bot	6e45066e37	up Some checks failed Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Simulation / policy-simulate (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details	2025-12-13 09:37:15 +02:00
StellaOps Bot	999e26a48e	up	2025-12-13 02:22:15 +02:00
StellaOps Bot	564df71bfb	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-13 00:20:26 +02:00
master	3f3473ee3a	feat: add Reachability Center and Why Drawer components with tests Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details - Implemented ReachabilityCenterComponent for displaying asset reachability status with summary and filtering options. - Added ReachabilityWhyDrawerComponent to show detailed reachability evidence and call paths. - Created unit tests for both components to ensure functionality and correctness. - Updated accessibility test results for the new components.	2025-12-12 18:50:35 +02:00
StellaOps Bot	efaf3cb789	up Some checks failed Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-12 09:35:37 +02:00
master	ce5ec9c158	feat: Add in-memory implementations for issuer audit, key, repository, and trust management Some checks failed devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details - Introduced InMemoryIssuerAuditSink to retain audit entries for testing. - Implemented InMemoryIssuerKeyRepository for deterministic key storage. - Created InMemoryIssuerRepository to manage issuer records in memory. - Added InMemoryIssuerTrustRepository for managing issuer trust overrides. - Each repository utilizes concurrent collections for thread-safe operations. - Enhanced deprecation tracking with a comprehensive YAML schema for API governance.	2025-12-11 19:47:43 +02:00
master	ab22181e8b	feat: Implement PostgreSQL repositories for various entities Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details - Added BootstrapInviteRepository for managing bootstrap invites. - Added ClientRepository for handling OAuth/OpenID clients. - Introduced LoginAttemptRepository for logging login attempts. - Created OidcTokenRepository for managing OpenIddict tokens and refresh tokens. - Implemented RevocationExportStateRepository for persisting revocation export state. - Added RevocationRepository for managing revocations. - Introduced ServiceAccountRepository for handling service accounts.	2025-12-11 17:48:25 +02:00
master	0987cd6ac8	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details	2025-12-11 11:00:51 +02:00
master	b83aa1aa0b	Update Excititor ingestion plan and enhance policy endpoints for overlay integration	2025-12-11 11:00:01 +02:00
StellaOps Bot	ce1f282ce0	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details	2025-12-11 08:20:15 +02:00
StellaOps Bot	b8b493913a	up	2025-12-11 08:20:04 +02:00
StellaOps Bot	49922dff5a	up the blokcing tasks Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Risk Bundle CI / risk-bundle-build (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Risk Bundle CI / risk-bundle-offline-kit (push) Has been cancelled Details Risk Bundle CI / publish-checksums (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-11 02:32:18 +02:00
StellaOps Bot	92bc4d3a07	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-10 21:34:38 +02:00
StellaOps Bot	0ad4777259	Update SPRINT_0513_0001_0001_public_reachability_benchmark.md	2025-12-10 21:34:33 +02:00
master	b7059d523e	Refactor and update test projects, remove obsolete tests, and upgrade dependencies - Deleted obsolete test files for SchedulerAuditService and SchedulerMongoSessionFactory. - Removed unused TestDataFactory class. - Updated project files for Mongo.Tests to remove references to deleted files. - Upgraded BouncyCastle.Cryptography package to version 2.6.2 across multiple projects. - Replaced Microsoft.Extensions.Http.Polly with Microsoft.Extensions.Http.Resilience in Zastava.Webhook project. - Updated NetEscapades.Configuration.Yaml package to version 3.1.0 in Configuration library. - Upgraded Pkcs11Interop package to version 5.1.2 in Cryptography libraries. - Refactored Argon2idPasswordHasher to use BouncyCastle for hashing instead of Konscious. - Updated JsonSchema.Net package to version 7.3.2 in Microservice project. - Updated global.json to use .NET SDK version 10.0.101.	2025-12-10 19:13:29 +02:00
master	199aaf74d8	Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-09 13:08:17 +02:00
master	f30805ad7f	up	2025-12-09 10:50:15 +02:00
StellaOps Bot	108d1c64b3	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details cryptopro-linux-csp / build-and-test (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details sm-remote-ci / build-and-test (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-09 09:38:09 +02:00
StellaOps Bot	bc0762e97d	up	2025-12-09 00:20:52 +02:00
StellaOps Bot	3d01bf9edc	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Risk Bundle CI / risk-bundle-build (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Risk Bundle CI / risk-bundle-offline-kit (push) Has been cancelled Details Risk Bundle CI / publish-checksums (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-07 23:38:50 +02:00
StellaOps Bot	68bc53a07b	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details	2025-12-07 23:07:09 +02:00
StellaOps Bot	4b124fb056	update exportcenter_ii and fix Sm2AttestorTests	2025-12-07 22:51:01 +02:00
StellaOps Bot	7c24ed96ee	up	2025-12-07 22:49:53 +02:00
StellaOps Bot	11597679ed	feat: Implement BerkeleyDB reader for RPM databases Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details console-runner-image / build-runner-image (push) Has been cancelled Details wine-csp-build / Build Wine CSP Image (push) Has been cancelled Details wine-csp-build / Integration Tests (push) Has been cancelled Details wine-csp-build / Security Scan (push) Has been cancelled Details wine-csp-build / Generate SBOM (push) Has been cancelled Details wine-csp-build / Publish Image (push) Has been cancelled Details wine-csp-build / Air-Gap Bundle (push) Has been cancelled Details wine-csp-build / Test Summary (push) Has been cancelled Details - Added BerkeleyDbReader class to read and extract RPM header blobs from BerkeleyDB hash databases. - Implemented methods to detect BerkeleyDB format and extract values, including handling of page sizes and magic numbers. - Added tests for BerkeleyDbReader to ensure correct functionality and header extraction. feat: Add Yarn PnP data tests - Created YarnPnpDataTests to validate package resolution and data loading from Yarn PnP cache. - Implemented tests for resolved keys, package presence, and loading from cache structure. test: Add egg-info package fixtures for Python tests - Created egg-info package fixtures for testing Python analyzers. - Included PKG-INFO, entry_points.txt, and installed-files.txt for comprehensive coverage. test: Enhance RPM database reader tests - Added tests for RpmDatabaseReader to validate fallback to legacy packages when SQLite is missing. - Implemented helper methods to create legacy package files and RPM headers for testing. test: Implement dual signing tests - Added DualSignTests to validate secondary signature addition when configured. - Created stub implementations for crypto providers and key resolvers to facilitate testing. chore: Update CI script for Playwright Chromium installation - Modified ci-console-exports.sh to ensure deterministic Chromium binary installation for console exports tests. - Added checks for Windows compatibility and environment variable setups for Playwright browsers.	2025-12-07 16:24:45 +02:00
StellaOps Bot	e3f28a21ab	ops/devops: fix console runner build paths and log built image	2025-12-07 15:23:08 +02:00
StellaOps Bot	a403979177	ops/devops: add console runner image CI build	2025-12-07 15:12:34 +02:00

1 2 3 4 5

233 Commits