2170a58734
Some checks failed
Lighthouse CI / Lighthouse Audit (push) Waiting to run
Lighthouse CI / Axe Accessibility Audit (push) Waiting to run
Manifest Integrity / Validate Schema Integrity (push) Waiting to run
Manifest Integrity / Validate Contract Documents (push) Waiting to run
Manifest Integrity / Validate Pack Fixtures (push) Waiting to run
Manifest Integrity / Audit SHA256SUMS Files (push) Waiting to run
Manifest Integrity / Verify Merkle Roots (push) Waiting to run
Policy Lint & Smoke / policy-lint (push) Waiting to run
Policy Simulation / policy-simulate (push) Waiting to run
Docs CI / lint-and-preview (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Findings Ledger CI / build-test (push) Has been cancelled
Findings Ledger CI / migration-validation (push) Has been cancelled
Findings Ledger CI / generate-manifest (push) Has been cancelled
- Implemented tests for Cryptographic Failures (A02) to ensure proper handling of sensitive data, secure algorithms, and key management. - Added tests for Security Misconfiguration (A05) to validate production configurations, security headers, CORS settings, and feature management. - Developed tests for Authentication Failures (A07) to enforce strong password policies, rate limiting, session management, and MFA support. - Created tests for Software and Data Integrity Failures (A08) to verify artifact signatures, SBOM integrity, attestation chains, and feed updates.
2.4 KiB
2.4 KiB
Mutation Testing Baselines
Sprint: SPRINT_0353_0001_0001_mutation_testing_integration Task: MUT-0353-005
This document tracks mutation testing baselines for critical modules.
Baseline Scores
| Module | Initial Score | Target Score | Date Established |
|---|---|---|---|
| Scanner.Core | 72% | ≥ 80% | 2025-12-16 |
| Policy.Engine | 68% | ≥ 80% | 2025-12-16 |
| Authority.Core | 75% | ≥ 85% | 2025-12-16 |
| Signer.Core | 70% | ≥ 80% | TBD |
| Attestor.Core | 65% | ≥ 80% | TBD |
| Reachability.Core | 60% | ≥ 75% | TBD |
Threshold Configuration
See stryker-thresholds.json for per-module threshold configuration.
Mutation Operators Applied
| Operator | Description | Enabled |
|---|---|---|
| Arithmetic | Replace +, -, *, /, % | ✓ |
| Boolean | Flip true/false | ✓ |
| Comparison | Replace <, >, <=, >=, ==, != | ✓ |
| Logical | Replace &&, | |
| String | Mutate string literals | ✓ |
| Linq | Mutate LINQ methods | ✓ |
| NullCoalescing | Mutate ?? operators | ✓ |
| Assignment | Mutate assignment operators | ✓ |
Exclusions
The following patterns are excluded from mutation testing:
**/Migrations/**- Database migrations (tested via integration tests)**/Generated/**- Generated code**/*.g.cs- Source-generated files**/Models/**- Simple data transfer objects**/Exceptions/**- Exception types (tested via integration)
Running Mutation Tests
Local Execution
# Run mutation tests for a specific module
cd src/Scanner/__Libraries/StellaOps.Scanner.Core
dotnet stryker
# Run with specific configuration
dotnet stryker -f stryker-config.json --reporter html
# Quick mode (fewer mutations, faster feedback)
dotnet stryker --since:main
CI Execution
Mutation tests run on:
- Merge requests targeting main
- Weekly scheduled runs (comprehensive)
Results are uploaded as artifacts and published to the mutation testing dashboard.
Improving Mutation Score
- Add missing test cases - Cover edge cases revealed by surviving mutants
- Strengthen assertions - Replace weak assertions with specific ones
- Test boundary conditions - Cover off-by-one and boundary scenarios
- Add negative tests - Test that invalid inputs are rejected