git.stella-ops.org

stella-ops.org/git.stella-ops.org

Fork 0

Commit Graph

Author	SHA1	Message	Date
StellaOps Bot	b6b9ffc050	Add PHP Analyzer Plugin and Composer Lock Data Handling Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Implemented the PhpAnalyzerPlugin to analyze PHP projects. - Created ComposerLockData class to represent data from composer.lock files. - Developed ComposerLockReader to load and parse composer.lock files asynchronously. - Introduced ComposerPackage class to encapsulate package details. - Added PhpPackage class to represent PHP packages with metadata and evidence. - Implemented PhpPackageCollector to gather packages from ComposerLockData. - Created PhpLanguageAnalyzer to perform analysis and emit results. - Added capability signals for known PHP frameworks and CMS. - Developed unit tests for the PHP language analyzer and its components. - Included sample composer.lock and expected output for testing. - Updated project files for the new PHP analyzer library and tests.	2025-11-22 14:02:49 +02:00
master	536f6249a6	Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Created CycloneDX and SPDX SBOM files for both reachable and unreachable images. - Added symbols.json detailing function entry and sink points in the WordPress code. - Included runtime traces for function calls in both reachable and unreachable scenarios. - Developed OpenVEX files indicating vulnerability status and justification for both cases. - Updated README for evaluator harness to guide integration with scanner output.	2025-11-08 20:53:45 +02:00

Author

SHA1

Message

Date

StellaOps Bot

b6b9ffc050

Add PHP Analyzer Plugin and Composer Lock Data Handling

Docs CI / lint-and-preview (push) Has been cancelled

Details

- Implemented the PhpAnalyzerPlugin to analyze PHP projects.
- Created ComposerLockData class to represent data from composer.lock files.
- Developed ComposerLockReader to load and parse composer.lock files asynchronously.
- Introduced ComposerPackage class to encapsulate package details.
- Added PhpPackage class to represent PHP packages with metadata and evidence.
- Implemented PhpPackageCollector to gather packages from ComposerLockData.
- Created PhpLanguageAnalyzer to perform analysis and emit results.
- Added capability signals for known PHP frameworks and CMS.
- Developed unit tests for the PHP language analyzer and its components.
- Included sample composer.lock and expected output for testing.
- Updated project files for the new PHP analyzer library and tests.

2025-11-22 14:02:49 +02:00

master

536f6249a6

Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case

Docs CI / lint-and-preview (push) Has been cancelled

Details

- Created CycloneDX and SPDX SBOM files for both reachable and unreachable images.
- Added symbols.json detailing function entry and sink points in the WordPress code.
- Included runtime traces for function calls in both reachable and unreachable scenarios.
- Developed OpenVEX files indicating vulnerability status and justification for both cases.
- Updated README for evaluator harness to guide integration with scanner output.

2025-11-08 20:53:45 +02:00

2 Commits