5a480a3c2a
Some checks failed
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Docs CI / lint-and-preview (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Findings Ledger CI / build-test (push) Has been cancelled
Findings Ledger CI / migration-validation (push) Has been cancelled
Findings Ledger CI / generate-manifest (push) Has been cancelled
Lighthouse CI / Lighthouse Audit (push) Has been cancelled
Lighthouse CI / Axe Accessibility Audit (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Reachability Corpus Validation / validate-corpus (push) Has been cancelled
Reachability Corpus Validation / validate-ground-truths (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Reachability Corpus Validation / determinism-check (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
- Introduced `all-edge-reasons.json` to test edge resolution reasons in .NET. - Added `all-visibility-levels.json` to validate method visibility levels in .NET. - Created `dotnet-aspnetcore-minimal.json` for a minimal ASP.NET Core application. - Included `go-gin-api.json` for a Go Gin API application structure. - Added `java-spring-boot.json` for the Spring PetClinic application in Java. - Introduced `legacy-no-schema.json` for legacy application structure without schema. - Created `node-express-api.json` for an Express.js API application structure.
84 lines
2.2 KiB
JSON
84 lines
2.2 KiB
JSON
{
|
|
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
"$id": "https://stella-ops.org/schemas/scanner-offline-kit-config.schema.json",
|
|
"title": "Scanner Offline Kit Configuration",
|
|
"type": "object",
|
|
"description": "Schema for the `scanner.offlineKit` configuration section used by Scanner WebService/Worker for offline kit verification.",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"default": false,
|
|
"description": "Enable offline kit operations (opt-in)."
|
|
},
|
|
"requireDsse": {
|
|
"type": "boolean",
|
|
"default": true,
|
|
"description": "Fail import if DSSE verification fails."
|
|
},
|
|
"rekorOfflineMode": {
|
|
"type": "boolean",
|
|
"default": true,
|
|
"description": "Use only local Rekor snapshots; do not call online Rekor APIs."
|
|
},
|
|
"attestationVerifier": {
|
|
"type": "string",
|
|
"format": "uri",
|
|
"description": "URL of internal attestation verifier service."
|
|
},
|
|
"trustRootDirectory": {
|
|
"type": "string",
|
|
"description": "Path to directory containing trust root public keys."
|
|
},
|
|
"rekorSnapshotDirectory": {
|
|
"type": "string",
|
|
"description": "Path to Rekor snapshot directory."
|
|
},
|
|
"trustAnchors": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"required": [
|
|
"anchorId",
|
|
"purlPattern",
|
|
"allowedKeyids"
|
|
],
|
|
"properties": {
|
|
"anchorId": {
|
|
"type": "string",
|
|
"minLength": 1
|
|
},
|
|
"purlPattern": {
|
|
"type": "string",
|
|
"minLength": 1,
|
|
"examples": [
|
|
"pkg:npm/*",
|
|
"pkg:maven/org.apache.*",
|
|
"*"
|
|
]
|
|
},
|
|
"allowedKeyids": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
},
|
|
"minItems": 1
|
|
},
|
|
"description": {
|
|
"type": "string"
|
|
},
|
|
"expiresAt": {
|
|
"type": "string",
|
|
"format": "date-time"
|
|
},
|
|
"minSignatures": {
|
|
"type": "integer",
|
|
"minimum": 1,
|
|
"default": 1
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|