stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

semi implemented and features implemented save checkpoint

Browse Source
This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
docs/features/unchecked/excititor/vex-policy-controlled-trust-and-evidence-requirements.md Normal file
View File

@@ -0,0 +1,31 @@
# VEX Policy-Controlled Trust and Evidence Requirements
## Module
Excititor
## Status
IMPLEMENTED
## Description
Policy-driven trust weights and evidence requirements for VEX claims, with guardrails ensuring safe statuses require evidence satisfaction.
## Implementation Details
- **Modules**: `src/Excititor/__Libraries/StellaOps.Excititor.Core/`, `src/Excititor/StellaOps.Excititor.WebService/`
- **Key Classes**:
- `BaselineVexConsensusPolicy` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/BaselineVexConsensusPolicy.cs`) - baseline policy with evidence requirements for safe statuses
- `VexConsensusPolicyOptions` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/VexConsensusPolicyOptions.cs`) - configurable policy options for trust and evidence
- `TrustWeightRegistry` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/Lattice/TrustWeightRegistry.cs`) - per-source trust weight configuration
- `PolicyLatticeAdapter` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/Lattice/PolicyLatticeAdapter.cs`) - adapts policy engine rules for VEX trust evaluation
- `VexEvidenceLinkOptions` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/Evidence/VexEvidenceLinkOptions.cs`) - evidence linking requirements configuration
- `PolicyEndpoints` (`src/Excititor/StellaOps.Excititor.WebService/Endpoints/PolicyEndpoints.cs`) - REST endpoints for VEX policy queries
- `PolicyContracts` (`src/Excititor/StellaOps.Excititor.WebService/Contracts/PolicyContracts.cs`) - API contracts for policy data
- **Interfaces**: `IVexConsensusPolicy`, `IVexLatticeProvider`
- **Source**: Feature matrix scan
## E2E Test Plan
- [ ] Configure a policy requiring binary-diff evidence for `not_affected` status and verify claims without evidence are rejected
- [ ] Verify `TrustWeightRegistry` applies configurable trust weights: increase vendor weight and verify vendor claims rank higher
- [ ] Verify `BaselineVexConsensusPolicy` enforces minimum evidence requirements for safe statuses (not_affected, fixed)
- [ ] Verify `PolicyLatticeAdapter` applies K4 lattice rules from the policy engine to VEX trust evaluation
- [ ] Verify `VexEvidenceLinkOptions` requires specific evidence types (reachability, binary-diff) for specific statuses
- [ ] Verify `PolicyEndpoints` returns the active VEX policy configuration