28 lines
1.7 KiB
Markdown
28 lines
1.7 KiB
Markdown
# Windows WinSxS Manifest Analyzer
|
|
|
|
## Module
|
|
Scanner
|
|
|
|
## Status
|
|
IMPLEMENTED
|
|
|
|
## Description
|
|
Parses Windows Side-by-Side (WinSxS) assembly manifests to discover shared system components, extracting assembly identity, version, processor architecture, and public key token.
|
|
|
|
## Implementation Details
|
|
- **WinSxS Package Analyzer**:
|
|
- `src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Windows.WinSxS/WinSxSPackageAnalyzer.cs` - `WinSxSPackageAnalyzer` discovering WinSxS assemblies from the WinSxS directory
|
|
- **Manifest Parser**:
|
|
- `src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Windows.WinSxS/WinSxSManifestParser.cs` - `WinSxSManifestParser` parsing WinSxS assembly manifest XML files to extract assembly identity, version, processor architecture, and public key token
|
|
- **Metadata Model**:
|
|
- `src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Windows.WinSxS/WinSxSAssemblyMetadata.cs` - `WinSxSAssemblyMetadata` model for discovered assembly metadata
|
|
- **Plugin Registration**:
|
|
- `src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.OS.Windows.WinSxS/WinSxSAnalyzerPlugin.cs` - `WinSxSAnalyzerPlugin` registering the WinSxS analyzer in the scanner pipeline
|
|
|
|
## E2E Test Plan
|
|
- [ ] Scan a Windows container image and verify WinSxS assemblies are discovered from the WinSxS directory
|
|
- [ ] Verify each discovered assembly includes correct name, version, processor architecture (x86, amd64), and public key token
|
|
- [ ] Verify the manifest parser correctly handles multi-assembly manifests with dependency declarations
|
|
- [ ] Verify the analyzer produces valid SBOM components for WinSxS assemblies
|
|
- [ ] Verify the analyzer correctly handles different WinSxS directory layouts across Windows versions
|