- Added IIssuerDirectory interface for managing VEX document issuers, including methods for registration, revocation, and trust validation.
- Created InMemoryIssuerDirectory class as an in-memory implementation of IIssuerDirectory for testing and single-instance deployments.
- Introduced ISignatureVerifier interface for verifying signatures on VEX documents, with support for multiple signature formats.
- Developed SignatureVerifier class as the default implementation of ISignatureVerifier, allowing extensibility for different signature formats.
- Implemented handlers for DSSE and JWS signature formats, including methods for verification and signature extraction.
- Defined various records and enums for issuer and signature metadata, enhancing the structure and clarity of the verification process.
- Implemented MigrationCategoryTests to validate migration categorization for startup, release, seed, and data migrations.
- Added tests for edge cases, including null, empty, and whitespace migration names.
- Created StartupMigrationHostTests to verify the behavior of the migration host with real PostgreSQL instances using Testcontainers.
- Included tests for migration execution, schema creation, and handling of pending release migrations.
- Added SQL migration files for testing: creating a test table, adding a column, a release migration, and seeding data.
- Introduced a new VEX compact fixture for testing purposes.
- Implemented `verify_export.py` script to validate Findings Ledger exports, ensuring deterministic ordering and applying redaction manifests.
- Added a lightweight stub `HarnessRunner` for unit tests to validate ledger hashing expectations.
- Documented tasks related to the Mirror Creator.
- Created models for entropy signals and implemented the `EntropyPenaltyCalculator` to compute penalties based on scanner outputs.
- Developed unit tests for `EntropyPenaltyCalculator` to ensure correct penalty calculations and handling of edge cases.
- Added tests for symbol ID normalization in the reachability scanner.
- Enhanced console status service with comprehensive unit tests for connection handling and error recovery.
- Included Cosign tool version 2.6.0 with checksums for various platforms.
- Introduced `ui_bench_driver.mjs` to read scenarios and fixture manifest, generating a deterministic run plan.
- Created `ui_bench_plan.md` outlining the purpose, scope, and next steps for the benchmark.
- Added `ui_bench_scenarios.json` containing various scenarios for graph UI interactions.
- Implemented tests for CLI commands, ensuring bundle verification and telemetry defaults.
- Developed schemas for orchestrator components, including replay manifests and event envelopes.
- Added mock API for risk management, including listing and statistics functionalities.
- Implemented models for risk profiles and query options to support the new API.
feat(sbomservice): Add placeholder for SHA256SUMS in LNM v1 fixtures
docs(devportal): Create README for SDK archives in public directory
build(devportal): Implement offline bundle build script
test(devportal): Add link checker script for validating links in documentation
test(devportal): Create performance check script for dist folder size
test(devportal): Implement accessibility check script using Playwright and Axe
docs(devportal): Add SDK quickstart guide with examples for Node.js, Python, and cURL
feat(excititor): Implement MongoDB storage for airgap import records
test(findings): Add unit tests for export filters hash determinism
feat(findings): Define attestation contracts for ledger web service
feat(graph): Add MongoDB options and service collection extensions for graph indexing
test(graph): Implement integration tests for MongoDB provider and service collection extensions
feat(zastava): Define configuration options for Zastava surface secrets
build(tests): Create script to run Concelier linkset tests with TRX output
feat: Implement BsonJsonConverter for converting BsonDocument and BsonArray to JSON
fix: Update project file to include MongoDB.Bson package
test: Add GraphOverlayExporterTests to validate NDJSON export functionality
refactor: Refactor Program.cs in Attestation Tool for improved argument parsing and error handling
docs: Update README for stella-forensic-verify with usage instructions and exit codes
feat: Enhance HmacVerifier with clock skew and not-after checks
feat: Add MerkleRootVerifier and ChainOfCustodyVerifier for additional verification methods
fix: Update DenoRuntimeShim to correctly handle file paths
feat: Introduce ComposerAutoloadData and related parsing in ComposerLockReader
test: Add tests for Deno runtime execution and verification
test: Enhance PHP package tests to include autoload data verification
test: Add unit tests for HmacVerifier and verification logic
- Implemented the PhpAnalyzerPlugin to analyze PHP projects.
- Created ComposerLockData class to represent data from composer.lock files.
- Developed ComposerLockReader to load and parse composer.lock files asynchronously.
- Introduced ComposerPackage class to encapsulate package details.
- Added PhpPackage class to represent PHP packages with metadata and evidence.
- Implemented PhpPackageCollector to gather packages from ComposerLockData.
- Created PhpLanguageAnalyzer to perform analysis and emit results.
- Added capability signals for known PHP frameworks and CMS.
- Developed unit tests for the PHP language analyzer and its components.
- Included sample composer.lock and expected output for testing.
- Updated project files for the new PHP analyzer library and tests.
