Refactor code structure for improved readability and maintainability; removed redundant code blocks and optimized function calls.

2025-11-20 07:50:52 +02:00
parent 616ec73133
commit 10212d67c0
473 changed files with 316758 additions and 388 deletions
--- a/docs/policy/auth-signals-lib-115.md
+++ b/docs/policy/auth-signals-lib-115.md
@@ -0,0 +1,40 @@
+# POLICY-AUTH-SIGNALS-LIB-115 · Shared P/A/S contracts (draft v0.1)
+
+Purpose: deliver shared models/schemas for Policy, Authority, and Signals so Concelier/Excititor consumers can bind without merge logic.
+
+## Core models (C#-friendly, JSON schema inline)
+- `PolicyAuthSignal`:
+  - `id` (string, required) — stable identifier (ULID preferred)
+  - `tenant` (string, required)
+  - `subject` (string, required) — e.g., `purl`, `sbom://`, `service://`
+  - `signal_type` (string, enum: `reachability`, `attestation`, `risk`, `vex`)
+  - `source` (string, required) — producer service
+  - `confidence` (float?, optional)
+  - `evidence` (array of `EvidenceRef`)
+  - `created` (string, UTC ISO-8601, required)
+- `EvidenceRef`:
+  - `kind` (string, enum: `linkset`, `runtime`, `attestation`, `bundle`)
+  - `uri` (string, required) — CAS or storage pointer
+  - `digest` (string, sha256, required)
+  - `scope` (string) — tenant/scopes
+- `Provenance`:
+  - `pipeline` (string) — build id
+  - `inputs` (array<string>) — hashes of inputs
+  - `signer` (string)
+  - `transparency` (object: `rekor_uuid` or `skip_reason`)
+
+## JSON schema stub (add-only)
+See `schemas/policy-auth-signals-lib-115.json` (to be emitted with the NuGet package).
+
+## Package plan
+- Project: `StellaOps.Policy.AuthSignals` (net10.0)
+- Deliverables: models, JSON schema, sample fixtures, `PolicyAuthSignalJsonContext` for source generators, deterministic serialization.
+- Publish target: `local-nugets/` (version `0.1.0-alpha+draft`), then promote after guild ratification.
+
+## Fixtures (to include in package)
+- `fixtures/policy-auth-signal-sample.json`
+- `fixtures/policy-auth-signal-reachability.json`
+- Schema: `schemas/policy-auth-signals-lib-115.json`
+
+## Status
+- NuGet package `StellaOps.Policy.AuthSignals` 0.1.0-alpha built and placed in `local-nugets/` (sha256: `8ab5aa6c0daf5e56e1355d4d6bcaf110a8bc28b28a5ee1970864bcd4b6ba6750`). Awaiting guild ratification to promote beyond alpha.