git.stella-ops.org/docs/modules/concelier/schemas/offline-advisory-bundle.schema.json
StellaOps Bot 47168fec38 feat: Add VEX compact fixture and implement offline verifier for Findings Ledger exports
- Introduced a new VEX compact fixture for testing purposes.
- Implemented `verify_export.py` script to validate Findings Ledger exports, ensuring deterministic ordering and applying redaction manifests.
- Added a lightweight stub `HarnessRunner` for unit tests to validate ledger hashing expectations.
- Documented tasks related to the Mirror Creator.
- Created models for entropy signals and implemented the `EntropyPenaltyCalculator` to compute penalties based on scanner outputs.
- Developed unit tests for `EntropyPenaltyCalculator` to ensure correct penalty calculations and handling of edge cases.
- Added tests for symbol ID normalization in the reachability scanner.
- Enhanced console status service with comprehensive unit tests for connection handling and error recovery.
- Included Cosign tool version 2.6.0 with checksums for various platforms.
2025-12-02 21:08:01 +02:00


{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://stellaops.local/concelier/schemas/offline-advisory-bundle.schema.json",
"title": "Concelier Offline Advisory Bundle",
"type": "object",
"additionalProperties": false,
"required": [
"bundleId",
"tenant",
"exportKind",
"snapshot",
"manifest",
"hashes",
"signatures",
"createdAt"
],
"properties": {
"bundleId": { "type": "string", "pattern": "^bundle:[A-Za-z0-9._:-]+$" },
"tenant": { "type": "string", "minLength": 1 },
"exportKind": { "type": "string", "enum": ["json", "trivydb"] },
"createdAt": { "type": "string", "format": "date-time" },
"snapshot": {
"type": "object",
"additionalProperties": false,
"required": ["windowStart", "windowEnd", "sources"],
"properties": {
"windowStart": { "type": "string", "format": "date-time" },
"windowEnd": { "type": "string", "format": "date-time" },
"stalenessHours": { "type": "integer", "minimum": 0 },
"sources": {
"type": "array",
"items": {
"type": "object",
"required": ["name", "cursor", "hash"],
"additionalProperties": false,
"properties": {
"name": { "type": "string" },
"cursor": { "type": "string" },
"hash": { "type": "string", "pattern": "^sha256:[A-Fa-f0-9]{64}$" },
"snapshotUri": { "type": "string", "format": "uri" }
}
},
"uniqueItems": true
}
}
},
"manifest": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"required": ["path", "sha256", "size"],
"properties": {
"path": { "type": "string" },
"sha256": { "type": "string", "pattern": "^[A-Fa-f0-9]{64}$" },
"size": { "type": "integer", "minimum": 0 },
"contentType": { "type": "string" }
}
},
"uniqueItems": true
},
"hashes": {
"type": "object",
"additionalProperties": false,
"patternProperties": {
"^sha256$": { "type": "string", "pattern": "^[A-Fa-f0-9]{64}$" }
}
},
"signatures": {
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"required": ["type", "keyId", "signature"],
"properties": {
"type": { "type": "string", "enum": ["dsse-inline", "detached"] },
"keyId": { "type": "string" },
"signature": { "type": "string" },
"envelopeDigest": { "type": "string", "pattern": "^sha256:[A-Fa-f0-9]{64}$" },
"rekor": {
"type": "object",
"additionalProperties": false,
"properties": {
"logIndex": { "type": "integer", "minimum": 0 },
"uuid": { "type": "string" },
"integratedTime": { "type": "integer", "minimum": 0 }
}
}
}
}
},
"determinism": {
"type": "object",
"additionalProperties": false,
"properties": {
"contentHash": { "type": "string", "pattern": "^sha256:[A-Fa-f0-9]{64}$" },
"idempotencyKey": { "type": "string", "pattern": "^[a-f0-9]{64}$" },
"canonVersion": { "type": "string", "default": "1" }
}
}
}
}