git.stella-ops.org/src/Scanner/__Libraries/StellaOps.Scanner.Analyzers.Lang.Rust/TASKS.md
master a3822c88cd Add unit tests for RancherHubConnector and various exporters
- Implemented tests for RancherHubConnector to validate fetching documents, handling errors, and managing state.
- Added tests for CsafExporter to ensure deterministic serialization of CSAF documents.
- Created tests for CycloneDX exporters and reconciler to verify correct handling of VEX claims and output structure.
- Developed OpenVEX exporter tests to confirm the generation of canonical OpenVEX documents and statement merging logic.
- Introduced Rust file caching and license scanning functionality, including a cache key structure and hash computation.
- Added sample Cargo.toml and LICENSE files for testing Rust license scanning functionality.
2025-10-30 08:01:13 +02:00


Rust Analyzer Task Flow

| Seq | ID | Status | Depends on | Description | Exit Criteria |
|-----|----|--------|------------|-------------|---------------|
| 1 | SCANNER-ANALYZERS-LANG-10-306A | DONE (2025-10-22) | SCANNER-ANALYZERS-LANG-10-307 | Parse Cargo metadata (`Cargo.lock`, `.fingerprint`, `.metadata`) and map crates to components with evidence. | Fixtures confirm crate attribution ≥85% coverage; metadata normalized; evidence includes path + hash. |
| 2 | SCANNER-ANALYZERS-LANG-10-306B | DONE (2025-10-22) | SCANNER-ANALYZERS-LANG-10-306A | Implement heuristic classifier using ELF section names, symbol mangling, and `.comment` data for stripped binaries. | Heuristic output flagged as heuristic; regression tests ensure no false “observed” classifications. |
| 3 | SCANNER-ANALYZERS-LANG-10-306C | DONE (2025-10-22) | SCANNER-ANALYZERS-LANG-10-306B | Integrate binary hash fallback (`bin:{sha256}`) and tie into shared quiet provenance helpers. | Fallback path deterministic; shared helpers reused; tests verify consistent hashing. |
| 4 | SCANNER-ANALYZERS-LANG-10-307R | DONE (2025-10-29) | SCANNER-ANALYZERS-LANG-10-306C | Finalize shared helper usage (license, usage flags) and concurrency-safe caches. | Analyzer uses shared utilities; concurrency tests pass; no race conditions. |
| 5 | SCANNER-ANALYZERS-LANG-10-308R | TODO | SCANNER-ANALYZERS-LANG-10-307R | Determinism fixtures + performance benchmarks; compare against competitor heuristic coverage. | Fixtures `Fixtures/lang/rust/` committed; determinism guard; benchmark shows ≥15% better coverage vs competitor. |
| 6 | SCANNER-ANALYZERS-LANG-10-309R | TODO | SCANNER-ANALYZERS-LANG-10-308R | Package plug-in manifest + Offline Kit documentation; ensure Worker integration. | Manifest copied; Worker loads analyzer; Offline Kit doc updated. |