git.stella-ops.org

Author	SHA1	Message	Date
master	5a480a3c2a	Add call graph fixtures for various languages and scenarios Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details Lighthouse CI / Lighthouse Audit (push) Has been cancelled Details Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Reachability Corpus Validation / validate-corpus (push) Has been cancelled Details Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Reachability Corpus Validation / determinism-check (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details - Introduced `all-edge-reasons.json` to test edge resolution reasons in .NET. - Added `all-visibility-levels.json` to validate method visibility levels in .NET. - Created `dotnet-aspnetcore-minimal.json` for a minimal ASP.NET Core application. - Included `go-gin-api.json` for a Go Gin API application structure. - Added `java-spring-boot.json` for the Spring PetClinic application in Java. - Introduced `legacy-no-schema.json` for legacy application structure without schema. - Created `node-express-api.json` for an Express.js API application structure.	2025-12-16 10:44:24 +02:00
master	4391f35d8a	Refactor SurfaceCacheValidator to simplify oldest entry calculation Add global using for Xunit in test project Enhance ImportValidatorTests with async validation and quarantine checks Implement FileSystemQuarantineServiceTests for quarantine functionality Add integration tests for ImportValidator to check monotonicity Create BundleVersionTests to validate version parsing and comparison logic Implement VersionMonotonicityCheckerTests for monotonicity checks and activation logic	2025-12-16 10:44:00 +02:00
StellaOps Bot	b1f40945b7	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details sm-remote-ci / build-and-test (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-15 09:51:11 +02:00
StellaOps Bot	505fe7a885	update evidence bundle to include new evidence types and implement ProofSpine integration Some checks failed Lighthouse CI / Lighthouse Audit (push) Has been cancelled Details Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details api-governance / spectral-lint (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details sm-remote-ci / build-and-test (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details oas-ci / oas-validate (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-15 09:15:30 +02:00
StellaOps Bot	b058dbe031	up	2025-12-14 23:20:14 +02:00
StellaOps Bot	e2e404e705	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details console-runner-image / build-runner-image (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-14 16:24:16 +02:00
StellaOps Bot	233873f620	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Reachability Corpus Validation / validate-corpus (push) Has been cancelled Details Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Reachability Corpus Validation / determinism-check (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details	2025-12-14 15:50:38 +02:00
StellaOps Bot	f1a39c4ce3	up Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details devportal-offline / build-offline (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details	2025-12-13 18:08:55 +02:00
StellaOps Bot	6e45066e37	up Some checks failed Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Simulation / policy-simulate (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details	2025-12-13 09:37:15 +02:00
StellaOps Bot	999e26a48e	up	2025-12-13 02:22:15 +02:00
StellaOps Bot	564df71bfb	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-13 00:20:26 +02:00
StellaOps Bot	efaf3cb789	up Some checks failed Signals CI & Image / signals-ci (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details	2025-12-12 09:35:37 +02:00
StellaOps Bot	108d1c64b3	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Findings Ledger CI / build-test (push) Has been cancelled Details Findings Ledger CI / migration-validation (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled Details AOC Guard CI / aoc-guard (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details cryptopro-linux-csp / build-and-test (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details sm-remote-ci / build-and-test (push) Has been cancelled Details Findings Ledger CI / generate-manifest (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled Details	2025-12-09 09:38:09 +02:00
StellaOps Bot	bc0762e97d	up	2025-12-09 00:20:52 +02:00
StellaOps Bot	bd2529502e	feat: Implement Wine CSP HTTP provider for GOST cryptographic operations Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details - Added WineCspHttpProvider class to interface with Wine-hosted CryptoPro CSP. - Implemented ICryptoProvider, ICryptoProviderDiagnostics, and IDisposable interfaces. - Introduced WineCspHttpSigner and WineCspHttpHasher for signing and hashing operations. - Created WineCspProviderOptions for configuration settings including service URL and key options. - Developed CryptoProGostSigningService to handle GOST signing operations and key management. - Implemented HTTP service for the Wine CSP with endpoints for signing, verification, and hashing. - Added Swagger documentation for API endpoints. - Included health checks and error handling for service availability. - Established DTOs for request and response models in the service.	2025-12-07 14:02:42 +02:00
StellaOps Bot	e53a282fbe	feat: Add native binary analyzer test utilities and implement SM2 signing tests Some checks failed AOC Guard CI / aoc-guard (push) Has been cancelled Details AOC Guard CI / aoc-verify (push) Has been cancelled Details Docs CI / lint-and-preview (push) Has been cancelled Details Manifest Integrity / Audit SHA256SUMS Files (push) Has been cancelled Details Manifest Integrity / Validate Schema Integrity (push) Has been cancelled Details Manifest Integrity / Validate Contract Documents (push) Has been cancelled Details Manifest Integrity / Validate Pack Fixtures (push) Has been cancelled Details Manifest Integrity / Verify Merkle Roots (push) Has been cancelled Details Scanner Analyzers / Build Analyzers (push) Has been cancelled Details Scanner Analyzers / Discover Analyzers (push) Has been cancelled Details Scanner Analyzers / Test Language Analyzers (push) Has been cancelled Details Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled Details Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details Concelier Attestation Tests / attestation-tests (push) Has been cancelled Details Policy Lint & Smoke / policy-lint (push) Has been cancelled Details Export Center CI / export-ci (push) Has been cancelled Details Notify Smoke Test / Notify Unit Tests (push) Has been cancelled Details Notify Smoke Test / Notifier Service Tests (push) Has been cancelled Details Notify Smoke Test / Notification Smoke Test (push) Has been cancelled Details - Introduced `NativeTestBase` class for ELF, PE, and Mach-O binary parsing helpers and assertions. - Created `TestCryptoFactory` for SM2 cryptographic provider setup and key generation. - Implemented `Sm2SigningTests` to validate signing functionality with environment gate checks. - Developed console export service and store with comprehensive unit tests for export status management.	2025-12-07 13:12:41 +02:00
StellaOps Bot	1c782897f7	up Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details Mirror Thin Bundle Sign & Verify / mirror-sign (push) Has been cancelled Details Signals CI & Image / signals-ci (push) Has been cancelled Details	2025-11-26 07:47:08 +02:00
master	d519782a8f	prep docs and service updates Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details	2025-11-21 06:56:36 +00:00
master	d3ecd7f8e6	nuget reorganization	2025-11-18 23:45:25 +02:00
master	8355e2ff75	feat: Add initial implementation of Vulnerability Resolver Jobs Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Created project for StellaOps.Scanner.Analyzers.Native.Tests with necessary dependencies. - Documented roles and guidelines in AGENTS.md for Scheduler module. - Implemented IResolverJobService interface and InMemoryResolverJobService for handling resolver jobs. - Added ResolverBacklogNotifier and ResolverBacklogService for monitoring job metrics. - Developed API endpoints for managing resolver jobs and retrieving metrics. - Defined models for resolver job requests and responses. - Integrated dependency injection for resolver job services. - Implemented ImpactIndexSnapshot for persisting impact index data. - Introduced SignalsScoringOptions for configurable scoring weights in reachability scoring. - Added unit tests for ReachabilityScoringService and RuntimeFactsIngestionService. - Created dotnet-filter.sh script to handle command-line arguments for dotnet. - Established nuget-prime project for managing package downloads.	2025-11-18 07:52:15 +02:00
master	56c687253f	feat(ruby): Implement RubyManifestParser for parsing gem groups and dependencies Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details feat(ruby): Add RubyVendorArtifactCollector to collect vendor artifacts test(deno): Add golden tests for Deno analyzer with various fixtures test(deno): Create Deno module and package files for testing test(deno): Implement Deno lock and import map for dependency management test(deno): Add FFI and worker scripts for Deno testing feat(ruby): Set up Ruby workspace with Gemfile and dependencies feat(ruby): Add expected output for Ruby workspace tests feat(signals): Introduce CallgraphManifest model for signal processing	2025-11-10 09:27:03 +02:00
master	69c59defdc	feat: Implement Runtime Facts ingestion service and NDJSON reader Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Added RuntimeFactsNdjsonReader for reading NDJSON formatted runtime facts. - Introduced IRuntimeFactsIngestionService interface and its implementation. - Enhanced Program.cs to register new services and endpoints for runtime facts. - Updated CallgraphIngestionService to include CAS URI in stored artifacts. - Created RuntimeFactsValidationException for validation errors during ingestion. - Added tests for RuntimeFactsIngestionService and RuntimeFactsNdjsonReader. - Implemented SignalsSealedModeMonitor for compliance checks in sealed mode. - Updated project dependencies for testing utilities.	2025-11-10 07:56:15 +02:00
master	75c2bcafce	Add LDAP Distinguished Name Helper and Credential Audit Context Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Implemented LdapDistinguishedNameHelper for escaping RDN and filter values. - Created AuthorityCredentialAuditContext and IAuthorityCredentialAuditContextAccessor for managing credential audit context. - Developed StandardCredentialAuditLogger with tests for success, failure, and lockout events. - Introduced AuthorityAuditSink for persisting audit records with structured logging. - Added CryptoPro related classes for certificate resolution and signing operations.	2025-11-09 12:21:38 +02:00
master	536f6249a6	Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Created CycloneDX and SPDX SBOM files for both reachable and unreachable images. - Added symbols.json detailing function entry and sink points in the WordPress code. - Included runtime traces for function calls in both reachable and unreachable scenarios. - Developed OpenVEX files indicating vulnerability status and justification for both cases. - Updated README for evaluator harness to guide integration with scanner output.	2025-11-08 20:53:45 +02:00
master	90c244948a	Update AGENTS.md files across multiple modules to standardize task status update instructions and introduce a new document for Secret Leak Detection operations. - Modified task status update instructions in AGENTS.md files to refer to corresponding sprint files as `/docs/implplan/SPRINT_*.md` instead of `docs/implplan/SPRINTS.md`. - Added a comprehensive document for Secret Leak Detection operations detailing scope, prerequisites, rule bundle lifecycle, enabling the analyzer, policy patterns, observability, troubleshooting, and references.	2025-11-05 11:58:32 +02:00
master	66cb6c4b8a	feat: Add guild charters and task boards for various components Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Introduced guild charters for Scanner Deno, PHP, Ruby, Native, WebService, Java, Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, UI, Zastava Observer, Zastava Webhook, Zastava Core, and Plugin Platform. - Each charter outlines the mission, scope, required reading, and working agreements for the respective guilds. - Created task boards for Surface.Env, Surface.FS, Surface.Secrets, Surface.Validation, and Zastava components to track progress and dependencies. - Ensured all documents emphasize determinism, offline readiness, security, and integration with shared Surface libraries.	2025-11-01 02:21:46 +02:00
master	15b4a1de6a	feat: Document completed tasks for KMS, Cryptography, and Plugin Libraries - Added detailed task completion records for KMS interface implementation and CLI support for file-based keys. - Documented security enhancements including Argon2id password hashing, audit event contracts, and rate limiting configurations. - Included scoped service support and integration updates for the Plugin platform, ensuring proper DI handling and testing coverage.	2025-10-31 14:37:45 +02:00
master	d870da18ce	Restructure solution layout by module	2025-10-28 15:10:40 +02:00

28 Commits