stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
4dfa1b8e052f5faeb458eccdb122ac7cde16de61
git.stella-ops.org/src/VexLens/StellaOps.VexLens/Extensions/VexLensServiceCollectionExtensions.cs
StellaOps Bot 5146204f1b feat: add security sink detection patterns for JavaScript/TypeScript 
- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations).
- Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns.
- Added `package-lock.json` for dependency management.
2025-12-22 23:21:21 +02:00

190 lines
6.6 KiB
C#
Raw Blame History

using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using StellaOps.VexLens.Api;
using StellaOps.VexLens.Caching;
using StellaOps.VexLens.Consensus;
using StellaOps.VexLens.Export;
using StellaOps.VexLens.Integration;
using StellaOps.VexLens.Orchestration;
using StellaOps.VexLens.Mapping;
using StellaOps.VexLens.Normalization;
using StellaOps.VexLens.Observability;
using StellaOps.VexLens.Options;
using StellaOps.VexLens.Storage;
using StellaOps.VexLens.Trust;
using StellaOps.VexLens.Trust.SourceTrust;
using StellaOps.VexLens.Verification;
namespace StellaOps.VexLens.Extensions;
/// <summary>
/// Extension methods for registering VexLens services.
/// </summary>
public static class VexLensServiceCollectionExtensions
{
/// <summary>
/// Adds VexLens consensus engine services to the service collection.
/// </summary>
public static IServiceCollection AddVexLens(
this IServiceCollection services,
IConfiguration configuration)
{
var section = configuration.GetSection(VexLensOptions.SectionName);
services.Configure<VexLensOptions>(section);
var options = section.Get<VexLensOptions>() ?? new VexLensOptions();
return services.AddVexLensCore(options);
}
/// <summary>
/// Adds VexLens consensus engine services with explicit options.
/// </summary>
public static IServiceCollection AddVexLens(
this IServiceCollection services,
Action<VexLensOptions> configure)
{
var options = new VexLensOptions();
configure(options);
services.Configure(configure);
return services.AddVexLensCore(options);
}
/// <summary>
/// Adds VexLens services for testing with in-memory storage.
/// </summary>
public static IServiceCollection AddVexLensForTesting(this IServiceCollection services)
{
var options = new VexLensOptions
{
Storage = { Driver = "memory" },
Telemetry = { MetricsEnabled = false, TracingEnabled = false }
};
return services.AddVexLensCore(options);
}
private static IServiceCollection AddVexLensCore(
this IServiceCollection services,
VexLensOptions options)
{
// Normalization
services.TryAddSingleton<IVexNormalizerRegistry>(sp =>
{
var registry = new VexNormalizerRegistry();
RegisterNormalizers(registry, options.Normalization);
return registry;
});
// Product mapping
services.TryAddSingleton<IProductMapper, ProductMapper>();
// Verification
services.TryAddSingleton<ISignatureVerifier, SignatureVerifier>();
// Issuer directory - use in-memory by default, can be replaced
services.TryAddSingleton<IIssuerDirectory, InMemoryIssuerDirectory>();
// Trust engine (statement-level)
services.TryAddSingleton<ITrustWeightEngine, TrustWeightEngine>();
// Source trust scoring (source-level)
services.TryAddSingleton(Microsoft.Extensions.Options.Options.Create(
SourceTrustScoreConfiguration.CreateDefault()));
services.TryAddSingleton<IAuthorityScoreCalculator, AuthorityScoreCalculator>();
services.TryAddSingleton<IAccuracyScoreCalculator, AccuracyScoreCalculator>();
services.TryAddSingleton<ITimelinessScoreCalculator, TimelinessScoreCalculator>();
services.TryAddSingleton<ICoverageScoreCalculator, CoverageScoreCalculator>();
services.TryAddSingleton<IVerificationScoreCalculator, VerificationScoreCalculator>();
services.TryAddSingleton<ISourceTrustScoreCache, InMemorySourceTrustScoreCache>();
services.TryAddSingleton<ISourceTrustScoreCalculator, SourceTrustScoreCalculator>();
services.TryAddSingleton<IProvenanceChainValidator, ProvenanceChainValidator>();
services.TryAddSingleton<ITrustDecayService, TrustDecayService>();
// Consensus engine
services.TryAddSingleton<IVexConsensusEngine, VexConsensusEngine>();
// Storage
RegisterStorage(services, options.Storage);
// Event emitter - in-memory for now
services.TryAddSingleton<IConsensusEventEmitter, InMemoryConsensusEventEmitter>();
// API service
services.TryAddScoped<IVexLensApiService, VexLensApiService>();
// Rationale service for AI/ML consumption
services.TryAddScoped<IConsensusRationaleService, ConsensusRationaleService>();
// Rationale cache for Advisory AI
services.TryAddSingleton<IConsensusRationaleCache, InMemoryConsensusRationaleCache>();
// Integration services
services.TryAddScoped<IPolicyEngineIntegration, PolicyEngineIntegration>();
services.TryAddScoped<IVulnExplorerIntegration, VulnExplorerIntegration>();
// Export service for offline bundles
services.TryAddScoped<IConsensusExportService, ConsensusExportService>();
// Orchestrator job service for scheduling consensus compute
services.TryAddScoped<IConsensusJobService, ConsensusJobService>();
// Metrics
if (options.Telemetry.MetricsEnabled)
{
services.TryAddSingleton<VexLensMetrics>();
}
return services;
}
private static void RegisterNormalizers(
VexNormalizerRegistry registry,
VexLensNormalizationOptions options)
{
var enabledFormats = new HashSet<string>(
options.EnabledFormats,
StringComparer.OrdinalIgnoreCase);
if (enabledFormats.Contains("OpenVEX"))
{
registry.Register(new OpenVexNormalizer());
}
if (enabledFormats.Contains("CSAF"))
{
registry.Register(new CsafVexNormalizer());
}
if (enabledFormats.Contains("CycloneDX"))
{
registry.Register(new CycloneDxVexNormalizer());
}
}
private static void RegisterStorage(
IServiceCollection services,
VexLensStorageOptions options)
{
var driver = (options.Driver ?? "memory").Trim();
switch (driver.ToLowerInvariant())
{
case "memory":
services.TryAddSingleton<IConsensusProjectionStore>(sp =>
{
var emitter = sp.GetRequiredService<IConsensusEventEmitter>();
return new InMemoryConsensusProjectionStore(emitter);
});
break;
default:
throw new InvalidOperationException(
$"Unsupported VexLens storage driver: '{options.Driver}'. Supported drivers: memory.");
}
}
}
Reference in New Issue View Git Blame Copy Permalink