stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
5593212b414864ab213082c8945a267451b99901
git.stella-ops.org/docs/features/checked/tools/fixture-harvester-tool.md

27 lines
2.1 KiB
Markdown
Raw Blame History

# Fixture Harvester Tool (Deterministic Fixture Rewriter)
## Module
Tools
## Status
VERIFIED
## Description
CLI tool for deterministic test fixture management. Rewrites Concelier OSV/GHSA/NVD fixtures with SHA-256-based deterministic GUIDs and fixed timestamps, ensuring reproducible test data across environments.
## Implementation Details
- **Fixture Updater App**: `src/Tools/FixtureUpdater/FixtureUpdaterApp.cs` (96 lines) -- CLI entry point using `System.CommandLine`. Parses `--repo-root`, `--osv-fixtures`, `--ghsa-fixtures`, `--nvd-fixtures`, `--fixed-time` options. Resolves repository root and fixture paths, constructs `FixtureUpdaterOptions`, dispatches to runner.
- **Fixture Updater Runner**: `src/Tools/FixtureUpdater/FixtureUpdaterRunner.cs` (533 lines) -- core execution engine: processes OSV raw fixtures (JSON arrays of `OsvVulnerabilityDto`), generates deterministic snapshot fixtures for npm/PyPI ecosystems, processes GHSA raw fixtures (`GhsaRecordDto`), generates credit parity regression fixtures across GHSA/OSV/NVD sources. Uses `FixtureDeterminism` class for SHA-256-based deterministic GUID generation.
- **Program.cs**: `src/Tools/FixtureUpdater/Program.cs` (3 lines) -- delegates to `FixtureUpdaterApp.RunAsync(args)`.
## E2E Test Plan
- [x] Run the fixture updater tool twice with the same inputs and verify outputs are bit-for-bit identical (determinism check)
- [x] Verify error reporting includes context about which fixture source caused the failure
## Verification
- **Verified**: 2026-02-10
- **Method**: Tier 1 code review + Tier 2d test verification
- **Build**: Passes (0 errors, 0 warnings)
- **Tests**: 2 tests pass (determinism verification, error reporting with context)
- **Caveat**: Original feature description overstated capabilities. The tool does NOT implement harvest/validate/regen sub-commands, YAML manifests with schema versioning, tiered fixtures (Synthetic/Spec Examples/Real Samples/Regression), or configurable refresh policies. The actual tool is a deterministic OSV/GHSA/NVD fixture rewriter using SHA-256 hashing and fixed timestamps. Feature title and description updated to reflect actual implementation.
Reference in New Issue View Git Blame Copy Permalink