stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
b55d9fa68d27848d9e0367447142771dd0c0fc7b
git.stella-ops.org/scripts
History
master b55d9fa68d
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Add comprehensive security tests for OWASP A03 (Injection) and A10 (SSRF) 
- Implemented InjectionTests.cs to cover various injection vulnerabilities including SQL, NoSQL, Command, LDAP, and XPath injections.
- Created SsrfTests.cs to test for Server-Side Request Forgery (SSRF) vulnerabilities, including internal URL access, cloud metadata access, and URL allowlist bypass attempts.
- Introduced MaliciousPayloads.cs to store a collection of malicious payloads for testing various security vulnerabilities.
- Added SecurityAssertions.cs for common security-specific assertion helpers.
- Established SecurityTestBase.cs as a base class for security tests, providing common infrastructure and mocking utilities.
- Configured the test project StellaOps.Security.Tests.csproj with necessary dependencies for testing.
2025-12-16 13:11:57 +02:00
..
__fixtures__/api-compat
up
2025-11-27 07:46:56 +02:00
airgap
feat(zastava): add evidence locker plan and schema examples
2025-12-02 09:27:31 +02:00
attest
up
2025-11-24 07:52:25 +02:00
bench
up
2025-12-14 15:50:38 +02:00
buildx
up
2025-11-24 07:52:25 +02:00
ci
Add comprehensive security tests for OWASP A03 (Injection) and A10 (SSRF)
2025-12-16 13:11:57 +02:00
cli
up
2025-11-24 09:07:40 +02:00
concelier
feat: Implement BerkeleyDB reader for RPM databases
2025-12-07 16:24:45 +02:00
crypto
up
2025-12-11 08:20:15 +02:00
devops
up
2025-11-30 22:36:03 +02:00
devportal
up
2025-11-24 09:07:40 +02:00
export
up
2025-11-24 09:07:40 +02:00
feeds
up
2025-12-09 00:20:52 +02:00
graph
up
2025-11-24 09:07:40 +02:00
mirror
up
2025-12-09 00:20:52 +02:00
notifications
Add signal contracts for reachability, exploitability, trust, and unknown symbols
2025-12-05 00:27:00 +02:00
observability
work
2025-11-25 08:01:23 +02:00
orchestrator
up
2025-11-25 22:09:44 +02:00
packs
feat: add PolicyPackSelectorComponent with tests and integration
2025-12-05 21:24:34 +02:00
policy
up
2025-11-25 22:09:44 +02:00
reachability
up
2025-12-14 15:50:38 +02:00
replay
feat: Add DigestUpsertRequest and LockEntity models
2025-12-03 07:51:50 +02:00
scanner
up
2025-11-24 20:57:49 +02:00
sdk
up
2025-11-25 22:09:44 +02:00
signals
up
2025-12-09 00:20:52 +02:00
symbols
up
2025-11-24 20:57:49 +02:00
tests
up
2025-11-26 20:23:28 +02:00
vex
Add sample proof bundle configurations and verification script
2025-12-04 08:54:32 +02:00
add_blocked_reference.py
Add integration tests for migration categories and execution
2025-12-04 19:10:54 +02:00
api-changelog.mjs
up
2025-11-24 07:52:25 +02:00
api-compat-changelog.mjs
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00
api-compat-changelog.test.mjs
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00
api-compat-diff.mjs
up
2025-11-27 07:46:56 +02:00
api-compat-diff.test.mjs
up
2025-11-27 07:46:56 +02:00
api-example-coverage.mjs
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00
cleanup-runner-space.sh
prep docs and service updates
2025-11-21 06:56:36 +00:00
commit-prep-artifacts.sh
feat: Implement air-gap functionality with timeline impact and evidence snapshot services
2025-12-06 01:30:08 +02:00
enable-openssl11-shim.sh
up
2025-11-24 20:57:49 +02:00
export-policy-schemas.sh
feat(docs): Add comprehensive documentation for Vexer, Vulnerability Explorer, and Zastava modules
2025-10-30 00:09:39 +02:00
fetch-ics-cisa-seed.ps1
up
2025-10-15 10:03:56 +03:00
fetch-ics-cisa-seed.sh
up
2025-10-15 10:03:56 +03:00
kisa_capture_html.py
Add unit tests for SBOM ingestion and transformation
2025-11-04 07:49:39 +02:00
provenance_backfill.py
Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.
2025-11-20 07:50:52 +02:00
publish_attestation_with_provenance.sh
Implement ledger metrics for observability and add tests for Ruby packages endpoints
2025-11-13 09:29:09 +02:00
render_docs.py
Add Authority Advisory AI and API Lifecycle Configuration
2025-11-02 13:50:25 +02:00
rotate-policy-cli-secret.sh
Restructure solution layout by module
2025-10-28 15:10:40 +02:00
run-attestor-ttl-validation.sh
up
2025-12-13 02:22:15 +02:00
run-node-isolated.sh
prep docs and service updates
2025-11-21 06:56:36 +00:00
run-node-phase22-smoke.sh
feat: Add VEX Lens CI and Load Testing Plan
2025-12-02 07:18:28 +02:00
update-apple-fixtures.ps1
Restructure solution layout by module
2025-10-28 15:10:40 +02:00
update-apple-fixtures.sh
Restructure solution layout by module
2025-10-28 15:10:40 +02:00
update-binary-manifests.py
feat: Add new provenance and crypto registry documentation
2025-11-18 23:47:13 +02:00
update-model-goldens.ps1
Restructure solution layout by module
2025-10-28 15:10:40 +02:00
update-model-goldens.sh
Restructure solution layout by module
2025-10-28 15:10:40 +02:00
update-redhat-fixtures.sh
up
2025-10-29 19:24:20 +02:00
validate-attestation-schemas.mjs
Add Authority Advisory AI and API Lifecycle Configuration
2025-11-02 13:50:25 +02:00
verify-binaries.sh
fix: Correct local NuGet source paths in project files and update verification script comments
2025-11-19 00:20:28 +02:00
verify-notify-plugins.ps1
Restructure solution layout by module
2025-10-28 15:10:40 +02:00
verify-notify-plugins.sh
Restructure solution layout by module
2025-10-28 15:10:40 +02:00
verify-policy-scopes.py
Restructure solution layout by module
2025-10-28 15:10:40 +02:00