stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
40e7f827da764e39ca67fc27a74813a98e9a38d2
git.stella-ops.org/docs/benchmarks/scanner/README.md
master b1e78fe412
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat: Implement vulnerability token signing and verification utilities 
- Added VulnTokenSigner for signing JWT tokens with specified algorithms and keys.
- Introduced VulnTokenUtilities for resolving tenant and subject claims, and sanitizing context dictionaries.
- Created VulnTokenVerificationUtilities for parsing tokens, verifying signatures, and deserializing payloads.
- Developed VulnWorkflowAntiForgeryTokenIssuer for issuing anti-forgery tokens with configurable options.
- Implemented VulnWorkflowAntiForgeryTokenVerifier for verifying anti-forgery tokens and validating payloads.
- Added AuthorityVulnerabilityExplorerOptions to manage configuration for vulnerability explorer features.
- Included tests for FilesystemPackRunDispatcher to ensure proper job handling under egress policy restrictions.
2025-11-03 10:04:10 +02:00

1.6 KiB
Raw Blame History

Scanner Benchmarks & Coverage Dossiers

This directory aggregates competitive analyses, deep dives, and demand signals that inform the Scanner roadmap.

Structure

  • ../../scanner-feature-comparison-*.md — high-level feature comparisons versus Trivy, Grype, Snyk.
  • deep-dives/ — ecosystem-specific implementation deep dives (languages, OS packages, secrets, macOS, Windows, etc.).
  • scanning-gaps-stella-misses-from-competitors.md — gap analysis with scorecards, implementation plans, and backlog references.
  • windows-macos-demand.md — demand tracker and next actions for Windows/macOS coverage.
  • windows-macos-interview-template.md — structured questionnaire for customer discovery.

Quick links

  • macOS: deep-dives/macos.md, ../../modules/scanner/design/macos-analyzer.md.
  • Windows: deep-dives/windows.md, ../../modules/scanner/design/windows-analyzer.md.
  • Policy readiness: ../../modules/policy/secret-leak-detection-readiness.md, ../../modules/policy/windows-package-readiness.md.
  • API dashboards: ../../api/scanner/windows-coverage.md, ../../api/scanner/windows-macos-summary.md.

Maintenance tips

  • When new interview signals are logged, update windows-macos-demand.md, the API dashboards, and cross-link relevant design docs.
  • Ensure gap scorecards reflect the latest findings and backlog IDs.
  • Keep feature comparison docs aligned with deep dive updates.

Backlog references

  • Engineering: see ../../modules/scanner/TASKS.md (SCANNER-ENG-0020..0027).
  • Docs: ../../docs/TASKS.md (DOCS-SCANNER-BENCH-62-016).
  • Policy: ../../modules/policy/TASKS.md (POLICY-READINESS-0001/0002).