stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 16 Releases Wiki Activity
Files
dd0067ea0bbd01c470be219caeccb1de03a9374b
git.stella-ops.org/docs/modules/scanner/fixtures/cdx17-cbom
History
StellaOps Bot e1262eb916 Add receipt input JSON and SHA256 hash for CVSS policy scoring tests 
- Introduced a new JSON fixture `receipt-input.json` containing base, environmental, and threat metrics for CVSS scoring.
- Added corresponding SHA256 hash file `receipt-input.sha256` to ensure integrity of the JSON fixture.
2025-12-04 07:30:42 +02:00
..
hashes.txt
Add tests and implement timeline ingestion options with NATS and Redis subscribers
2025-12-03 09:46:48 +02:00
README.md
feat: Add DigestUpsertRequest and LockEntity models
2025-12-03 07:51:50 +02:00
sample-cdx16.json
Add tests and implement timeline ingestion options with NATS and Redis subscribers
2025-12-03 09:46:48 +02:00
sample-cdx17-cbom.json
Add tests and implement timeline ingestion options with NATS and Redis subscribers
2025-12-03 09:46:48 +02:00
source-track.sample.json
Add receipt input JSON and SHA256 hash for CVSS policy scoring tests
2025-12-04 07:30:42 +02:00

README.md

CDX 1.7 + CBOM Fixtures (SC2/SC5/SC8)

  • Golden payloads: sample-cdx17-cbom.json, downgraded sample-cdx16.json, with hashes.txt (BLAKE3, SHA256).
  • Must include CVSS v4 + v3.1 ratings, CBOM ingress/egress, evidence properties, SLSA Source Track fields.
  • Used by determinism CI to assert stable ordering/hashes.