Skip to content

[DMS-1156] Add package-backed standard schema selection#1017

Merged
samuellugo-ship-it merged 1 commit into
mainfrom
DMS-1156
Jun 18, 2026
Merged

[DMS-1156] Add package-backed standard schema selection#1017
samuellugo-ship-it merged 1 commit into
mainfrom
DMS-1156

Conversation

@simpat-jesus

@simpat-jesus simpat-jesus commented Jun 9, 2026
edited by samuellugo-ship-it
Loading

Copy link
Copy Markdown
Contributor

Summary

  • document and verify the DS-qualified asset-only ApiSchema package contract for DMS-1156
  • add package-backed standard schema selection (core-only); there is no -Extensions parameter — extension/custom schema sets use the expert -ApiSchemaPath filesystem path
  • add package resolver/catalog helpers and claims integration, with focused Pester coverage

Verification

  • pwsh -NoLogo -NoProfile -Command "Invoke-Pester -Path eng/docker-compose/tests/BootstrapPackageResolver.Tests.ps1 -PassThru"
  • pwsh -NoLogo -NoProfile -Command "Invoke-Pester -Path eng/docker-compose/tests/BootstrapStandardSchemaSelection.Tests.ps1 -PassThru"
  • pwsh -NoLogo -NoProfile -Command "Invoke-Pester -Path eng/docker-compose/tests/BootstrapSchemaAndSecuritySelection.Tests.ps1 -PassThru"
  • pwsh -NoLogo -NoProfile -Command "Invoke-Pester -Path eng/docker-compose/tests/BootstrapSeedDelivery.Tests.ps1 -PassThru"
  • git diff --check

github-advanced-security[bot]
github-advanced-security AI found potential problems Jun 9, 2026
View reviewed changes
Comment thread eng/docker-compose/bootstrap-package-resolver.psm1 Fixed
Comment thread eng/docker-compose/bootstrap-schema-catalog.psm1 Fixed
Comment thread eng/docker-compose/bootstrap-schema-catalog.psm1 Fixed
Comment thread eng/docker-compose/tests/BootstrapPackageResolver.Tests.ps1
@@ -0,0 +1,1034 @@
# SPDX-License-Identifier: Apache-2.0
Comment thread eng/docker-compose/tests/BootstrapPackageResolver.Tests.ps1 Fixed
Comment thread eng/docker-compose/tests/BootstrapStandardSchemaSelection.Tests.ps1 Fixed
Comment thread eng/docker-compose/bootstrap-package-resolver.psm1 Fixed
@simpat-jesus simpat-jesus requested a review from a team as a code owner June 9, 2026 20:00
@github-actions

github-actions Bot commented Jun 11, 2026

Copy link
Copy Markdown

🔍 Vulnerabilities of dms-config:latest

📦 Image Reference dms-config:latest
digestsha256:2fdabbd40f57284f6db562bf6518987e791394ab4d732152cbbbaca761beef7a
vulnerabilitiescritical: 0 high: 1 medium: 3 low: 1
platformlinux/amd64
size80 MB
packages426
📦 Base Image alpine:3
also known as
  • 3.23
  • 3.23.3
  • latest
digestsha256:59855d3dceb3ae53991193bd03301e082b2a7faa56a514b03527ae0ec2ce3a95
vulnerabilitiescritical: 2 high: 14 medium: 7 low: 3
critical: 0 high: 1 medium: 1 low: 0 musl 1.2.5-r21 (apk)

pkg:apk/alpine/musl@1.2.5-r21?os_name=alpine&os_version=3.23

high : CVE--2026--40200

Affected range<1.2.5-r23
Fixed version1.2.5-r23
EPSS Score0.020%
EPSS Percentile6th percentile
Description

medium : CVE--2026--6042

Affected range<1.2.5-r22
Fixed version1.2.5-r22
EPSS Score0.006%
EPSS Percentile0th percentile
Description
critical: 0 high: 0 medium: 1 low: 1 zlib 1.3.1-r2 (apk)

pkg:apk/alpine/zlib@1.3.1-r2?os_name=alpine&os_version=3.23

medium : CVE--2026--22184

Affected range<1.3.2-r0
Fixed version1.3.2-r0
EPSS Score0.006%
EPSS Percentile0th percentile
Description

low : CVE--2026--27171

Affected range<1.3.2-r0
Fixed version1.3.2-r0
EPSS Score0.009%
EPSS Percentile1st percentile
Description
critical: 0 high: 0 medium: 1 low: 0 busybox 1.37.0-r30 (apk)

pkg:apk/alpine/busybox@1.37.0-r30?os_name=alpine&os_version=3.23

medium : CVE--2025--60876

Affected range<=1.37.0-r30
Fixed versionNot Fixed
EPSS Score0.069%
EPSS Percentile21st percentile
Description

@github-actions

github-actions Bot commented Jun 11, 2026
edited
Loading

Copy link
Copy Markdown

🔍 Vulnerabilities of dms:pr-test

📦 Image Reference dms:pr-test
digestsha256:a29477afd5d048994f011cb0523e86296af5e7eb89d24185a261d1464d12c7b6
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
platformlinux/amd64
size101 MB
packages458
📦 Base Image alpine:3
also known as
  • 3.23
  • 3.23.3
  • latest
digestsha256:59855d3dceb3ae53991193bd03301e082b2a7faa56a514b03527ae0ec2ce3a95
vulnerabilitiescritical: 2 high: 14 medium: 7 low: 3

@github-actions

github-actions Bot commented Jun 11, 2026

Copy link
Copy Markdown

🔍 Vulnerabilities of dms:latest

📦 Image Reference dms:latest
digestsha256:c2bc0aac16e5c9e3cdf80d7e7b337f34f59e3e5ac4b6df8a01a19d6475756686
vulnerabilitiescritical: 0 high: 2 medium: 12 low: 2
platformlinux/amd64
size101 MB
packages458
📦 Base Image alpine:3
also known as
  • 3.23
  • 3.23.3
  • latest
digestsha256:59855d3dceb3ae53991193bd03301e082b2a7faa56a514b03527ae0ec2ce3a95
vulnerabilitiescritical: 2 high: 14 medium: 7 low: 3
critical: 0 high: 1 medium: 9 low: 1 jq 1.8.1-r0 (apk)

pkg:apk/alpine/jq@1.8.1-r0?os_name=alpine&os_version=3.23

high : CVE--2026--32316

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.025%
EPSS Percentile8th percentile
Description

medium : CVE--2026--39979

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.072%
EPSS Percentile22nd percentile
Description

medium : CVE--2026--41257

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.013%
EPSS Percentile2nd percentile
Description

medium : CVE--2026--43896

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.014%
EPSS Percentile3rd percentile
Description

medium : CVE--2026--43894

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.014%
EPSS Percentile3rd percentile
Description

medium : CVE--2026--33947

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.005%
EPSS Percentile0th percentile
Description

medium : CVE--2026--41256

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.013%
EPSS Percentile2nd percentile
Description

medium : CVE--2026--44777

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.013%
EPSS Percentile2nd percentile
Description

medium : CVE--2026--40612

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.013%
EPSS Percentile2nd percentile
Description

medium : CVE--2026--43895

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.020%
EPSS Percentile6th percentile
Description

low : CVE--2026--33948

Affected range<=1.8.1-r0
Fixed versionNot Fixed
EPSS Score0.137%
EPSS Percentile33rd percentile
Description
critical: 0 high: 1 medium: 1 low: 0 musl 1.2.5-r21 (apk)

pkg:apk/alpine/musl@1.2.5-r21?os_name=alpine&os_version=3.23

high : CVE--2026--40200

Affected range<1.2.5-r23
Fixed version1.2.5-r23
EPSS Score0.020%
EPSS Percentile6th percentile
Description

medium : CVE--2026--6042

Affected range<1.2.5-r22
Fixed version1.2.5-r22
EPSS Score0.006%
EPSS Percentile0th percentile
Description
critical: 0 high: 0 medium: 1 low: 1 zlib 1.3.1-r2 (apk)

pkg:apk/alpine/zlib@1.3.1-r2?os_name=alpine&os_version=3.23

medium : CVE--2026--22184

Affected range<1.3.2-r0
Fixed version1.3.2-r0
EPSS Score0.006%
EPSS Percentile0th percentile
Description

low : CVE--2026--27171

Affected range<1.3.2-r0
Fixed version1.3.2-r0
EPSS Score0.009%
EPSS Percentile1st percentile
Description
critical: 0 high: 0 medium: 1 low: 0 busybox 1.37.0-r30 (apk)

pkg:apk/alpine/busybox@1.37.0-r30?os_name=alpine&os_version=3.23

medium : CVE--2025--60876

Affected range<=1.37.0-r30
Fixed versionNot Fixed
EPSS Score0.069%
EPSS Percentile21st percentile
Description

github-advanced-security[bot]
github-advanced-security AI found potential problems Jun 12, 2026
View reviewed changes
Comment thread eng/docker-compose/prepare-dms-schema.ps1 Fixed
@samuellugo-ship-it @simpat-jesus @claude
[DMS-1156] Add package-backed standard schema selection
936a771 
Rebased onto main (e31ba23 [DMS-1183]) by squashing the branch's 42
commits and two internal merge commits into a single commit. No content
change beyond integrating main's OpenAPI change-query work; the only file
touched by both sides (BootstrapSchemaAndSecuritySelection.Tests.ps1)
merged cleanly.

Co-authored-by: Jesus Flores <jesus@simpat.tech>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@samuellugo-ship-it samuellugo-ship-it merged commit aa27e4c into main Jun 18, 2026
49 checks passed
@samuellugo-ship-it samuellugo-ship-it deleted the DMS-1156 branch June 18, 2026 06:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JBrenesSimpat JBrenesSimpat JBrenesSimpat approved these changes

@simpat-adam simpat-adam simpat-adam approved these changes

+1 more reviewer

@github-advanced-security github-advanced-security[bot] github-advanced-security[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@simpat-jesus @github-advanced-security @JBrenesSimpat @simpat-adam @samuellugo-ship-it