git.stella-ops.org

stella-ops.org/git.stella-ops.org

Fork 0

Commit Graph

Author	SHA1	Message	Date
StellaOps Bot	f7d27c6fda	feat(secrets): Implement secret leak policies and signal binding - Added `spl-secret-block@1.json` to block deployments with critical or high severity secret findings. - Introduced `spl-secret-warn@1.json` to warn on secret findings without blocking deployments. - Created `SecretSignalBinder.cs` to bind secret evidence to policy evaluation signals. - Developed unit tests for `SecretEvidenceContext` and `SecretSignalBinder` to ensure correct functionality. - Enhanced `SecretSignalContextExtensions` to integrate secret evidence into signal contexts.	2026-01-04 15:44:49 +02:00
StellaOps Bot	9a08d10b89	docs consolidation	2025-12-24 12:38:14 +02:00
master	b1e78fe412	feat: Implement vulnerability token signing and verification utilities Some checks failed Docs CI / lint-and-preview (push) Has been cancelled Details - Added VulnTokenSigner for signing JWT tokens with specified algorithms and keys. - Introduced VulnTokenUtilities for resolving tenant and subject claims, and sanitizing context dictionaries. - Created VulnTokenVerificationUtilities for parsing tokens, verifying signatures, and deserializing payloads. - Developed VulnWorkflowAntiForgeryTokenIssuer for issuing anti-forgery tokens with configurable options. - Implemented VulnWorkflowAntiForgeryTokenVerifier for verifying anti-forgery tokens and validating payloads. - Added AuthorityVulnerabilityExplorerOptions to manage configuration for vulnerability explorer features. - Included tests for FilesystemPackRunDispatcher to ensure proper job handling under egress policy restrictions.	2025-11-03 10:04:10 +02:00

Author

SHA1

Message

Date

StellaOps Bot

f7d27c6fda

feat(secrets): Implement secret leak policies and signal binding

- Added `spl-secret-block@1.json` to block deployments with critical or high severity secret findings.
- Introduced `spl-secret-warn@1.json` to warn on secret findings without blocking deployments.
- Created `SecretSignalBinder.cs` to bind secret evidence to policy evaluation signals.
- Developed unit tests for `SecretEvidenceContext` and `SecretSignalBinder` to ensure correct functionality.
- Enhanced `SecretSignalContextExtensions` to integrate secret evidence into signal contexts.

2026-01-04 15:44:49 +02:00

StellaOps Bot

9a08d10b89

docs consolidation

2025-12-24 12:38:14 +02:00

master

b1e78fe412

feat: Implement vulnerability token signing and verification utilities

Docs CI / lint-and-preview (push) Has been cancelled

Details

- Added VulnTokenSigner for signing JWT tokens with specified algorithms and keys.
- Introduced VulnTokenUtilities for resolving tenant and subject claims, and sanitizing context dictionaries.
- Created VulnTokenVerificationUtilities for parsing tokens, verifying signatures, and deserializing payloads.
- Developed VulnWorkflowAntiForgeryTokenIssuer for issuing anti-forgery tokens with configurable options.
- Implemented VulnWorkflowAntiForgeryTokenVerifier for verifying anti-forgery tokens and validating payloads.
- Added AuthorityVulnerabilityExplorerOptions to manage configuration for vulnerability explorer features.
- Included tests for FilesystemPackRunDispatcher to ensure proper job handling under egress policy restrictions.

2025-11-03 10:04:10 +02:00

3 Commits