1.7 KiB
1.7 KiB
Windows WinSxS Manifest Analyzer
Module
Scanner
Status
IMPLEMENTED
Description
Parses Windows Side-by-Side (WinSxS) assembly manifests to discover shared system components, extracting assembly identity, version, processor architecture, and public key token.
Implementation Details
- WinSxS Package Analyzer:
src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Windows.WinSxS/WinSxSPackageAnalyzer.cs-WinSxSPackageAnalyzerdiscovering WinSxS assemblies from the WinSxS directory
- Manifest Parser:
src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Windows.WinSxS/WinSxSManifestParser.cs-WinSxSManifestParserparsing WinSxS assembly manifest XML files to extract assembly identity, version, processor architecture, and public key token
- Metadata Model:
src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Windows.WinSxS/WinSxSAssemblyMetadata.cs-WinSxSAssemblyMetadatamodel for discovered assembly metadata
- Plugin Registration:
src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Windows.WinSxS/WinSxSAnalyzerPlugin.cs-WinSxSAnalyzerPluginregistering the WinSxS analyzer in the scanner pipeline
E2E Test Plan
- Scan a Windows container image and verify WinSxS assemblies are discovered from the WinSxS directory
- Verify each discovered assembly includes correct name, version, processor architecture (x86, amd64), and public key token
- Verify the manifest parser correctly handles multi-assembly manifests with dependency declarations
- Verify the analyzer produces valid SBOM components for WinSxS assemblies
- Verify the analyzer correctly handles different WinSxS directory layouts across Windows versions