stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

semi implemented and features implemented save checkpoint

Browse Source
This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

263
docs/implplan-blocked/audits/csproj-standards/Policy/StellaOps.Policy.Engine/StellaOps.Policy.Engine.md Normal file
View File

@@ -0,0 +1,263 @@
# Audit - StellaOps.Policy.Engine
## Project
- Path: `src/Policy/StellaOps.Policy.Engine/StellaOps.Policy.Engine.csproj`
- Module: `Policy`
- Kind: `WebService`
- SDK: `Microsoft.NET.Sdk.Web`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 218
- Service locator usage (BuildServiceProvider/GetService): 3
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/StellaOps.Policy.Engine/Evaluation/PolicyExpressionEvaluator.cs` (1530 lines)
- `src/Policy/StellaOps.Policy.Engine/Telemetry/PolicyEngineTelemetry.cs` (1187 lines)
- `src/Policy/StellaOps.Policy.Engine/Compilation/PolicyMetadataExtractor.cs` (988 lines)
- `src/Policy/StellaOps.Policy.Engine/Evaluation/PolicyEvaluator.cs` (914 lines)
- `src/Policy/StellaOps.Policy.Engine/Simulation/RiskSimulationBreakdownService.cs` (897 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/PolicyRuntimeEvaluationService.cs` (897 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs` (881 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/RiskSimulationEndpoints.cs` (869 lines)
- `src/Policy/StellaOps.Policy.Engine/Simulation/SimulationAnalyticsService.cs` (811 lines)
- `src/Policy/StellaOps.Policy.Engine/Telemetry/ExplainTraceExport.cs` (701 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/ScoreProvenanceChain.cs` (700 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/ExceptionApprovalRulesService.cs` (698 lines)
- `src/Policy/StellaOps.Policy.Engine/Vex/VexDecisionSigningService.cs` (695 lines)
- `src/Policy/StellaOps.Policy.Engine/ExceptionCache/RedisExceptionEffectiveCache.cs` (679 lines)
- `src/Policy/StellaOps.Policy.Engine/Simulation/RiskSimulationService.cs` (652 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/RiskProfileEndpoints.cs` (599 lines)
- `src/Policy/StellaOps.Policy.Engine/ExceptionCache/MessagingExceptionEffectiveCache.cs` (585 lines)
- `src/Policy/StellaOps.Policy.Engine/Telemetry/RuleHitTraceCollector.cs` (572 lines)
- `src/Policy/StellaOps.Policy.Engine/WhatIfSimulation/WhatIfSimulationService.cs` (552 lines)
- `src/Policy/StellaOps.Policy.Engine/AirGap/RiskProfileAirGapExport.cs` (549 lines)
- `src/Policy/StellaOps.Policy.Engine/IncrementalOrchestrator/IncrementalPolicyOrchestrator.cs` (537 lines)
- `src/Policy/StellaOps.Policy.Engine/IncrementalOrchestrator/PolicyChangeEvent.cs` (535 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/VerdictEvidenceWeightedScore.cs` (523 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/VerificationPolicyValidator.cs` (516 lines)
- `src/Policy/StellaOps.Policy.Engine/EffectiveDecisionMap/RedisEffectiveDecisionMap.cs` (501 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/ViolationEndpoints.cs` (500 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/PolicyExplainerService.cs` (497 lines)
- `src/Policy/StellaOps.Policy.Engine/IncrementalOrchestrator/IncrementalOrchestratorBackgroundService.cs` (495 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/VexTrustGate.cs` (489 lines)
- `src/Policy/StellaOps.Policy.Engine/Vex/VexDecisionModels.cs` (478 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/MigrationTelemetryService.cs` (471 lines)
- `src/Policy/StellaOps.Policy.Engine/Telemetry/PolicyTimelineEvents.cs` (471 lines)
- `src/Policy/StellaOps.Policy.Engine/Console/ConsoleAttestationReportService.cs` (470 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/DriftGateEvaluator.cs` (468 lines)
- `src/Policy/StellaOps.Policy.Engine/Notifications/PolicyProfileNotificationService.cs` (467 lines)
- `src/Policy/StellaOps.Policy.Engine/Vex/VexDecisionEmitter.cs` (466 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/Engines/AdvancedScoringEngine.cs` (460 lines)
- `src/Policy/StellaOps.Policy.Engine/Events/PolicyEventProcessor.cs` (454 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/ConfidenceToEwsAdapter.cs` (446 lines)
- `src/Policy/StellaOps.Policy.Engine/EffectiveDecisionMap/MessagingEffectiveDecisionMap.cs` (428 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/ConflictEndpoints.cs` (425 lines)
- `src/Policy/StellaOps.Policy.Engine/Telemetry/RuleHitTrace.cs` (424 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/PolicyDecisionAttestationService.cs` (424 lines)
- `src/Policy/StellaOps.Policy.Engine/ProofOfExposure/PoEPolicyModels.cs` (423 lines)
- `src/Policy/StellaOps.Policy.Engine/AirGap/AirGapNotifications.cs` (422 lines)
- `src/Policy/StellaOps.Policy.Engine/ProofOfExposure/PoEValidationService.cs` (422 lines)
- `src/Policy/StellaOps.Policy.Engine/DependencyInjection/PolicyEngineServiceCollectionExtensions.cs` (422 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/PolicyDecisionPredicate.cs` (421 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/VerificationPolicyEditorEndpoints.cs` (414 lines)
- `src/Policy/StellaOps.Policy.Engine/Options/PolicyEngineOptions.cs` (414 lines)
- `src/Policy/StellaOps.Policy.Engine/DeterminismGuard/ProhibitedPatternAnalyzer.cs` (412 lines)
- `src/Policy/StellaOps.Policy.Engine/Events/ProfileEventPublisher.cs` (412 lines)
- `src/Policy/StellaOps.Policy.Engine/Materialization/EffectiveFindingWriter.cs` (412 lines)
- `src/Policy/StellaOps.Policy.Engine/Notifications/PolicyProfileNotificationPublisher.cs` (396 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/EffectivePolicyEndpoints.cs` (396 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/AttestationReportService.cs` (394 lines)
- `src/Policy/StellaOps.Policy.Engine/SelectionJoin/SelectionJoinService.cs` (390 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/DualEmitVerdictEnricher.cs` (390 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/VerdictPredicate.cs` (386 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/StabilityDampingGate.cs` (384 lines)
- `src/Policy/StellaOps.Policy.Engine/Caching/ProvcachePolicyEvaluationCache.cs` (384 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/PolicyPackEndpoints.cs` (382 lines)
- `src/Policy/StellaOps.Policy.Engine/Telemetry/EvidenceBundle.cs` (379 lines)
- `src/Policy/StellaOps.Policy.Engine/ReachabilityFacts/SignalsBackedReachabilityFactsStore.cs` (377 lines)
- `src/Policy/StellaOps.Policy.Engine/Materialization/EffectiveFindingModels.cs` (376 lines)
- `src/Policy/StellaOps.Policy.Engine/DeterminismGuard/GuardedPolicyEvaluator.cs` (375 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/EwsTelemetryService.cs` (375 lines)
- `src/Policy/StellaOps.Policy.Engine/Program.cs` (371 lines)
- `src/Policy/StellaOps.Policy.Engine/WhatIfSimulation/WhatIfSimulationModels.cs` (371 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateDecision.cs` (369 lines)
- `src/Policy/StellaOps.Policy.Engine/ReachabilityFacts/IReachabilityFactsSignalsClient.cs` (366 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/OverrideEndpoints.cs` (360 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/UnknownsEndpoints.cs` (354 lines)
- `src/Policy/StellaOps.Policy.Engine/Evaluation/PolicyEvaluationContext.cs` (353 lines)
- `src/Policy/StellaOps.Policy.Engine/DeterminismGuard/DeterminismGuardService.cs` (352 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/RvaVerifier.cs` (350 lines)
- `src/Policy/StellaOps.Policy.Engine/Telemetry/PolicyEvaluationAttestation.cs` (347 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/RiskProfileConfigurationService.cs` (344 lines)
- `src/Policy/StellaOps.Policy.Engine/ReachabilityFacts/ReachabilityFactsOverlayCache.cs` (333 lines)
- `src/Policy/StellaOps.Policy.Engine/AirGap/StalenessSignaling.cs` (327 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/CvssReceiptEndpoints.cs` (327 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/Engines/SimpleScoringEngine.cs` (326 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/IScoringEngine.cs` (323 lines)
- `src/Policy/StellaOps.Policy.Engine/Evaluation/VerdictSummary.cs` (323 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/ExceptionAwareEvaluationService.cs` (321 lines)
- `src/Policy/StellaOps.Policy.Engine/Crypto/CryptoRiskEvaluator.cs` (319 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/PolicyEvaluationContextEwsExtensions.cs` (314 lines)
- `src/Policy/StellaOps.Policy.Engine/ReachabilityFacts/ReachabilityFactsSignalsClient.cs` (310 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/DeterminizationConfigEndpoints.cs` (310 lines)
- `src/Policy/StellaOps.Policy.Engine/SelectionJoin/PurlEquivalence.cs` (309 lines)
- `src/Policy/StellaOps.Policy.Engine/ConsoleExport/ConsoleExportJobService.cs` (305 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/EvidenceWeightedScoreEnricher.cs` (304 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/RiskBudgetEndpoints.cs` (304 lines)
- `src/Policy/StellaOps.Policy.Engine/Adapters/ExceptionAdapter.cs` (303 lines)
- `src/Policy/StellaOps.Policy.Engine/Vex/VexOverrideSignals.cs` (301 lines)
- `src/Policy/StellaOps.Policy.Engine/Notifications/PolicyProfileNotificationModels.cs` (300 lines)
- `src/Policy/StellaOps.Policy.Engine/Simulation/RiskSimulationBreakdown.cs` (295 lines)
- `src/Policy/StellaOps.Policy.Engine/MergePreview/PolicyMergePreviewService.cs` (294 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/ScopeAttachmentEndpoints.cs` (290 lines)
- `src/Policy/StellaOps.Policy.Engine/Workers/PolicyEvaluationWorkerService.cs` (287 lines)
- `src/Policy/StellaOps.Policy.Engine/Domain/ExceptionContracts.cs` (287 lines)
- `src/Policy/StellaOps.Policy.Engine/Policies/DeterminizationRuleSet.cs` (283 lines)
- `src/Policy/StellaOps.Policy.Engine/Compilation/PolicyComplexityAnalyzer.cs` (283 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/RiskProfileAirGapEndpoints.cs` (283 lines)
- `src/Policy/StellaOps.Policy.Engine/Signals/Entropy/EntropyPenaltyCalculator.cs` (280 lines)
- `src/Policy/StellaOps.Policy.Engine/Subscriptions/SignalUpdateHandler.cs` (272 lines)
- `src/Policy/StellaOps.Policy.Engine/Caching/InMemoryPolicyEvaluationCache.cs` (271 lines)
- `src/Policy/StellaOps.Policy.Engine/ReachabilityFacts/ReachabilityFactsJoiningService.cs` (270 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/RiskScoringTriggerService.cs` (268 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/Engines/ProofAwareScoringEngine.cs` (267 lines)
- `src/Policy/StellaOps.Policy.Engine/AirGap/PolicyPackBundleImportService.cs` (266 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/VerdictBudgetCheck.cs` (266 lines)
- `src/Policy/StellaOps.Policy.Engine/Domain/ExceptionMapper.cs` (265 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/VerificationPolicyEditorModels.cs` (264 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/VerdictPredicateBuilder.cs` (264 lines)
- `src/Policy/StellaOps.Policy.Engine/Tenancy/TenantContextMiddleware.cs` (262 lines)
- `src/Policy/StellaOps.Policy.Engine/ReachabilityFacts/ReachabilityFactsModels.cs` (258 lines)
- `src/Policy/StellaOps.Policy.Engine/AirGap/SealedModeErrors.cs` (255 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/BudgetEndpoints.cs` (253 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/GateBypassAuditor.cs` (253 lines)
- `src/Policy/StellaOps.Policy.Engine/BatchEvaluation/BatchEvaluationModels.cs` (247 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/PolicyCompilationService.cs` (245 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/DriftGateContext.cs` (244 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/PolicyLintEndpoints.cs` (241 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/ProfileExportEndpoints.cs` (241 lines)
- `src/Policy/StellaOps.Policy.Engine/Console/ConsoleSimulationDiffService.cs` (240 lines)
- `src/Policy/StellaOps.Policy.Engine/Tenancy/TenantContextModels.cs` (240 lines)
- `src/Policy/StellaOps.Policy.Engine/Telemetry/TelemetryExtensions.cs` (239 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/ConsoleExportEndpoints.cs` (238 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/ScoringDeterminismVerifier.cs` (237 lines)
- `src/Policy/StellaOps.Policy.Engine/Simulation/SimulationAnalytics.cs` (236 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/RvaService.cs` (235 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/AttestationReportEndpoints.cs` (233 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/PolicyEvidenceWeightedScoreOptions.cs` (232 lines)
- `src/Policy/StellaOps.Policy.Engine/Console/ConsoleAttestationReportModels.cs` (228 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/VerificationPolicyEndpoints.cs` (227 lines)
- `src/Policy/StellaOps.Policy.Engine/Adapters/ExceptionEffectRegistry.cs` (226 lines)
- `src/Policy/StellaOps.Policy.Engine/ExceptionCache/ExceptionCacheModels.cs` (225 lines)
- `src/Policy/StellaOps.Policy.Engine/EffectiveDecisionMap/EffectiveDecisionModels.cs` (221 lines)
- `src/Policy/StellaOps.Policy.Engine/Compilation/PolicyCompileMetadata.cs` (220 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateOptions.cs` (218 lines)
- `src/Policy/StellaOps.Policy.Engine/AirGap/SealedModeService.cs` (216 lines)
- `src/Policy/StellaOps.Policy.Engine/ReachabilityFacts/ReachabilityFactsStore.cs` (213 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/PolicyDecisionService.cs` (212 lines)
- `src/Policy/StellaOps.Policy.Engine/Telemetry/IncidentMode.cs` (212 lines)
- `src/Policy/StellaOps.Policy.Engine/ReachabilityFacts/ReachabilityCoreBridge.cs` (210 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/RvaBuilder.cs` (208 lines)
- `src/Policy/StellaOps.Policy.Engine/Vex/VexProofSpineService.cs` (207 lines)
- `src/Policy/StellaOps.Policy.Engine/Materialization/PolicyExplainTrace.cs` (206 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/Determinization/DeterminizationGate.cs` (205 lines)
- `src/Policy/StellaOps.Policy.Engine/Confidence/VexTrustConfidenceFactorProvider.cs` (204 lines)
- `src/Policy/StellaOps.Policy.Engine/Caching/MessagingPolicyEvaluationCache.cs` (202 lines)
- `src/Policy/StellaOps.Policy.Engine/ProofOfExposure/PoEPolicyEnricher.cs` (200 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/IFindingScoreEnricher.cs` (200 lines)
- `src/Policy/StellaOps.Policy.Engine/Crypto/CryptoRiskAtoms.cs` (200 lines)
- `src/Policy/StellaOps.Policy.Engine/Storage/InMemory/InMemoryExceptionRepository.cs` (198 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/IPolicyDecisionAttestationService.cs` (197 lines)
- `src/Policy/StellaOps.Policy.Engine/DeterminismGuard/DeterminismViolation.cs` (197 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/ProfileEventEndpoints.cs` (195 lines)
- `src/Policy/StellaOps.Policy.Engine/SelectionJoin/SelectionJoinModels.cs` (192 lines)
- `src/Policy/StellaOps.Policy.Engine/ConsoleExport/ConsoleExportModels.cs` (190 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/VerdictReasonCode.cs` (188 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/InMemoryAttestationReportStore.cs` (188 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/RvaPredicate.cs` (187 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/VerdictAttestationService.cs` (186 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/Determinization/SignalSnapshotBuilder.cs` (185 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/PathScopeMetrics.cs` (185 lines)
- `src/Policy/StellaOps.Policy.Engine/Events/PolicyEffectiveEventModels.cs` (184 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/PolicyEvaluationService.PathScope.cs` (182 lines)
- `src/Policy/StellaOps.Policy.Engine/ReachabilityFacts/MessagingReachabilityFactsOverlayCache.cs` (180 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/ScorePolicyService.cs` (179 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/AttestationReportModels.cs` (178 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/RiskVerdictAttestation.cs` (177 lines)
- `src/Policy/StellaOps.Policy.Engine/Domain/PolicyPackRecord.cs` (176 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/PolicyBundleService.cs` (176 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/VerdictLinkService.cs` (172 lines)
- `src/Policy/StellaOps.Policy.Engine/Events/ProfileEventModels.cs` (172 lines)
- `src/Policy/StellaOps.Policy.Engine/Overlay/PathScopeSimulationBridgeService.cs` (172 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/EffectivePolicyAuditor.cs` (169 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/VexTrustGateOptions.cs` (165 lines)
- `src/Policy/StellaOps.Policy.Engine/BatchEvaluation/BatchExceptionLoader.cs` (165 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/Determinization/DeterminizationGateMetrics.cs` (163 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/RiskScoringModels.cs` (162 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/SealedModeEndpoints.cs` (159 lines)
- `src/Policy/StellaOps.Policy.Engine/ExceptionCache/IExceptionEffectiveCache.cs` (156 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/ScoringProfileService.cs` (156 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/ProfileAwareScoringService.cs` (153 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/DriftGateOptions.cs` (151 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/PolicyCompilationEndpoints.cs` (150 lines)
- `src/Policy/StellaOps.Policy.Engine/BuildGate/ExceptionRecheckGate.cs` (150 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/BatchEvaluationEndpoint.cs` (148 lines)
- `src/Policy/StellaOps.Policy.Engine/Caching/IPolicyEvaluationCache.cs` (145 lines)
- `src/Policy/StellaOps.Policy.Engine/EffectiveDecisionMap/IEffectiveDecisionMap.cs` (144 lines)
- `src/Policy/StellaOps.Policy.Engine/Signals/Entropy/EntropyModels.cs` (143 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/VerificationPolicyModels.cs` (143 lines)
- `src/Policy/StellaOps.Policy.Engine/Simulation/RiskSimulationModels.cs` (141 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/EvidenceWeightedScoreServiceCollectionExtensions.cs` (134 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/InMemoryPolicyPackRepository.cs` (126 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/ConsoleAttestationReportEndpoints.cs` (125 lines)
- `src/Policy/StellaOps.Policy.Engine/Gates/VexTrustGateMetrics.cs` (125 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/RiskProfileSchemaEndpoints.cs` (121 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/StalenessEndpoints.cs` (121 lines)
- `src/Policy/StellaOps.Policy.Engine/Streaming/PathScopeSimulationService.cs` (118 lines)
- `src/Policy/StellaOps.Policy.Engine/ConsoleExport/InMemoryConsoleExportStores.cs` (118 lines)
- `src/Policy/StellaOps.Policy.Engine/AirGap/SealedModeModels.cs` (114 lines)
- `src/Policy/StellaOps.Policy.Engine/Orchestration/OrchestratorJobService.cs` (113 lines)
- `src/Policy/StellaOps.Policy.Engine/AirGap/PolicyPackBundleModels.cs` (113 lines)
- `src/Policy/StellaOps.Policy.Engine/Policies/DeterminizationPolicy.cs` (112 lines)
- `src/Policy/StellaOps.Policy.Engine/Workers/PolicyEvaluationWorkerHost.cs` (112 lines)
- `src/Policy/StellaOps.Policy.Engine/Tenancy/TenantContextServiceCollectionExtensions.cs` (109 lines)
- `src/Policy/StellaOps.Policy.Engine/Attestation/HttpAttestorClient.cs` (107 lines)
- `src/Policy/StellaOps.Policy.Engine/Services/LicenseComplianceService.cs` (107 lines)
- `src/Policy/StellaOps.Policy.Engine/Orchestration/PolicyWorkerService.cs` (107 lines)
- `src/Policy/StellaOps.Policy.Engine/Caching/CacheBypassAccessor.cs` (106 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/RiskScoringJobStore.cs` (106 lines)
- `src/Policy/StellaOps.Policy.Engine/Ledger/LedgerExportService.cs` (104 lines)
- `src/Policy/StellaOps.Policy.Engine/Scoring/ScoringEngineFactory.cs` (102 lines)
- `src/Policy/StellaOps.Policy.Engine/Endpoints/PolicyPackBundleEndpoints.cs` (102 lines)
- Service locator matches:
- `src/Policy/StellaOps.Policy.Engine/DependencyInjection/PolicyEngineServiceCollectionExtensions.cs`:271 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<ReachabilityFactsSignalsClientOptions>>()?.Value;
- `src/Policy/StellaOps.Policy.Engine/Tenancy/TenantContextServiceCollectionExtensions.cs`:93 .GetService<ITenantContextAccessor>();
- `src/Policy/StellaOps.Policy.Engine/Program.cs`:163 sp.GetService<StellaOps.Policy.Engine.ExceptionCache.IExceptionEffectiveCache>(),
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Engine.Tests/StellaOps.Policy.Engine.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Engine.Contract.Tests/StellaOps.Policy.Engine.Contract.Tests.csproj [Unit]
- Missing layers: Integration, Security, Offline
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.

69
docs/implplan-blocked/audits/csproj-standards/Policy/StellaOps.Policy.Gateway/StellaOps.Policy.Gateway.md Normal file
View File

@@ -0,0 +1,69 @@
# Audit - StellaOps.Policy.Gateway
## Project
- Path: `src/Policy/StellaOps.Policy.Gateway/StellaOps.Policy.Gateway.csproj`
- Module: `Policy`
- Kind: `WebService`
- SDK: `Microsoft.NET.Sdk.Web`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 24
- Service locator usage (BuildServiceProvider/GetService): 3
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/StellaOps.Policy.Gateway/Endpoints/GatesEndpoints.cs` (1002 lines)
- `src/Policy/StellaOps.Policy.Gateway/Endpoints/GovernanceEndpoints.cs` (931 lines)
- `src/Policy/StellaOps.Policy.Gateway/Endpoints/ExceptionApprovalEndpoints.cs` (874 lines)
- `src/Policy/StellaOps.Policy.Gateway/Program.cs` (664 lines)
- `src/Policy/StellaOps.Policy.Gateway/Services/ExceptionService.cs` (605 lines)
- `src/Policy/StellaOps.Policy.Gateway/Endpoints/ExceptionEndpoints.cs` (559 lines)
- `src/Policy/StellaOps.Policy.Gateway/Endpoints/ScoreGateEndpoints.cs` (550 lines)
- `src/Policy/StellaOps.Policy.Gateway/Contracts/ExceptionContracts.cs` (466 lines)
- `src/Policy/StellaOps.Policy.Gateway/Contracts/ScoreGateContracts.cs` (445 lines)
- `src/Policy/StellaOps.Policy.Gateway/Endpoints/RegistryWebhookEndpoints.cs` (406 lines)
- `src/Policy/StellaOps.Policy.Gateway/Endpoints/GateEndpoints.cs` (400 lines)
- `src/Policy/StellaOps.Policy.Gateway/Endpoints/DeltasEndpoints.cs` (373 lines)
- `src/Policy/StellaOps.Policy.Gateway/Options/PolicyGatewayOptions.cs` (323 lines)
- `src/Policy/StellaOps.Policy.Gateway/Contracts/DeltaContracts.cs` (293 lines)
- `src/Policy/StellaOps.Policy.Gateway/Services/ApprovalWorkflowService.cs` (275 lines)
- `src/Policy/StellaOps.Policy.Gateway/Clients/PolicyEngineClient.cs` (256 lines)
- `src/Policy/StellaOps.Policy.Gateway/Contracts/GateContracts.cs` (243 lines)
- `src/Policy/StellaOps.Policy.Gateway/Services/PolicyGatewayDpopProofGenerator.cs` (239 lines)
- `src/Policy/StellaOps.Policy.Gateway/Services/ExceptionExpiryWorker.cs` (235 lines)
- `src/Policy/StellaOps.Policy.Gateway/Services/IExceptionService.cs` (234 lines)
- `src/Policy/StellaOps.Policy.Gateway/Services/ExceptionQueryService.cs` (227 lines)
- `src/Policy/StellaOps.Policy.Gateway/Endpoints/ToolLatticeEndpoints.cs` (209 lines)
- `src/Policy/StellaOps.Policy.Gateway/Services/InMemoryGateEvaluationQueue.cs` (184 lines)
- `src/Policy/StellaOps.Policy.Gateway/Services/PolicyEngineTokenProvider.cs` (123 lines)
- Service locator matches:
- `src/Policy/StellaOps.Policy.Gateway/Services/InMemoryGateEvaluationQueue.cs`:147 var evaluator = scope.ServiceProvider.GetRequiredService<IDriftGateEvaluator>();
- `src/Policy/StellaOps.Policy.Gateway/Program.cs`:246 var egressPolicy = serviceProvider.GetService<IEgressPolicy>();
- `src/Policy/StellaOps.Policy.Gateway/Program.cs`:598 var loggerFactory = provider.GetService<ILoggerFactory>();
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit, Integration, Security, Offline
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Gateway.Tests/StellaOps.Policy.Gateway.Tests.csproj [Unit]
- Missing layers: Integration, Security, Offline
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add integration tests for cross-component flows.
- Add security tests for authn/authz or input validation.
- Add offline/airgap coverage with fixtures only.

75
docs/implplan-blocked/audits/csproj-standards/Policy/StellaOps.Policy.Registry/StellaOps.Policy.Registry.md Normal file
View File

@@ -0,0 +1,75 @@
# Audit - StellaOps.Policy.Registry
## Project
- Path: `src/Policy/StellaOps.Policy.Registry/StellaOps.Policy.Registry.csproj`
- Module: `Policy`
- Kind: `Service`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 34
- Service locator usage (BuildServiceProvider/GetService): 1
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/StellaOps.Policy.Registry/PolicyRegistryClient.cs` (634 lines)
- `src/Policy/StellaOps.Policy.Registry/Distribution/PolicyPackOciPublisher.cs` (622 lines)
- `src/Policy/StellaOps.Policy.Registry/Distribution/PolicyPackOfflineBundleService.cs` (514 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/PromotionService.cs` (477 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/PublishPipelineService.cs` (443 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/BatchSimulationOrchestrator.cs` (410 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/PolicySimulationService.cs` (401 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/ReviewWorkflowService.cs` (360 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/PolicyPackCompiler.cs` (299 lines)
- `src/Policy/StellaOps.Policy.Registry/Contracts/PolicyPackContracts.cs` (287 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/IPublishPipelineService.cs` (286 lines)
- `src/Policy/StellaOps.Policy.Registry/Testing/PolicyRegistryTestFixtures.cs` (277 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/IPromotionService.cs` (276 lines)
- `src/Policy/StellaOps.Policy.Registry/Storage/InMemoryPolicyPackStore.cs` (266 lines)
- `src/Policy/StellaOps.Policy.Registry/Telemetry/PolicyRegistryMetrics.cs` (261 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/IReviewWorkflowService.cs` (242 lines)
- `src/Policy/StellaOps.Policy.Registry/Storage/Entities.cs` (232 lines)
- `src/Policy/StellaOps.Policy.Registry/IPolicyRegistryClient.cs` (214 lines)
- `src/Policy/StellaOps.Policy.Registry/Storage/IPolicyPackStore.cs` (212 lines)
- `src/Policy/StellaOps.Policy.Registry/PolicyRegistryServiceCollectionExtensions.cs` (184 lines)
- `src/Policy/StellaOps.Policy.Registry/Telemetry/PolicyRegistryActivitySource.cs` (180 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/IBatchSimulationOrchestrator.cs` (180 lines)
- `src/Policy/StellaOps.Policy.Registry/Testing/PolicyRegistryTestHarness.cs` (148 lines)
- `src/Policy/StellaOps.Policy.Registry/Contracts/VerificationPolicyContracts.cs` (145 lines)
- `src/Policy/StellaOps.Policy.Registry/Storage/InMemoryViolationStore.cs` (145 lines)
- `src/Policy/StellaOps.Policy.Registry/Telemetry/PolicyRegistryLogEvents.cs` (143 lines)
- `src/Policy/StellaOps.Policy.Registry/Storage/InMemoryVerificationPolicyStore.cs` (127 lines)
- `src/Policy/StellaOps.Policy.Registry/Distribution/IPolicyPackOciPublisher.cs` (126 lines)
- `src/Policy/StellaOps.Policy.Registry/Contracts/SealedModeContracts.cs` (121 lines)
- `src/Policy/StellaOps.Policy.Registry/Storage/InMemorySnapshotStore.cs` (121 lines)
- `src/Policy/StellaOps.Policy.Registry/Services/IPolicyPackCompiler.cs` (115 lines)
- `src/Policy/StellaOps.Policy.Registry/Storage/InMemoryOverrideStore.cs` (114 lines)
- `src/Policy/StellaOps.Policy.Registry/Contracts/ViolationContracts.cs` (114 lines)
- `src/Policy/StellaOps.Policy.Registry/Contracts/OverrideContracts.cs` (109 lines)
- Service locator matches:
- `src/Policy/StellaOps.Policy.Registry/Testing/PolicyRegistryTestHarness.cs`:37 _serviceProvider = services.BuildServiceProvider();
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit
- Detected test projects: none
- Missing layers: Unit
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add a unit test project named `<Project>.Tests` (or document exception).

53
docs/implplan-blocked/audits/csproj-standards/Policy/StellaOps.Policy.RiskProfile/StellaOps.Policy.RiskProfile.md Normal file
View File

@@ -0,0 +1,53 @@
# Audit - StellaOps.Policy.RiskProfile
## Project
- Path: `src/Policy/StellaOps.Policy.RiskProfile/StellaOps.Policy.RiskProfile.csproj`
- Module: `Policy`
- Kind: `Service`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 13
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/StellaOps.Policy.RiskProfile/Overrides/OverrideService.cs` (570 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Lifecycle/RiskProfileLifecycleService.cs` (523 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Scope/EffectivePolicyService.cs` (446 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Export/ProfileExportService.cs` (359 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Canonicalization/RiskProfileCanonicalizer.cs` (346 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Scope/ScopeAttachmentService.cs` (339 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Overrides/OverrideModels.cs` (266 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Merge/RiskProfileMergeService.cs` (241 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Hashing/RiskProfileHasher.cs` (218 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Models/RiskProfileModel.cs` (213 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Scope/ScopeAttachmentModels.cs` (187 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Lifecycle/RiskProfileLifecycle.cs` (139 lines)
- `src/Policy/StellaOps.Policy.RiskProfile/Export/ProfileExportModels.cs` (115 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.RiskProfile.Tests/StellaOps.Policy.RiskProfile.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

52
docs/implplan-blocked/audits/csproj-standards/Policy/StellaOps.Policy.Scoring/StellaOps.Policy.Scoring.md Normal file
View File

@@ -0,0 +1,52 @@
# Audit - StellaOps.Policy.Scoring
## Project
- Path: `src/Policy/StellaOps.Policy.Scoring/StellaOps.Policy.Scoring.csproj`
- Module: `Policy`
- Kind: `Service`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 12
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/StellaOps.Policy.Scoring/Engine/CvssV4Engine.cs` (941 lines)
- `src/Policy/StellaOps.Policy.Scoring/Engine/MacroVectorLookup.cs` (896 lines)
- `src/Policy/StellaOps.Policy.Scoring/CvssMetrics.cs` (366 lines)
- `src/Policy/StellaOps.Policy.Scoring/Engine/CvssV3Engine.cs` (350 lines)
- `src/Policy/StellaOps.Policy.Scoring/CvssScoreReceipt.cs` (321 lines)
- `src/Policy/StellaOps.Policy.Scoring/Receipts/ReceiptBuilder.cs` (273 lines)
- `src/Policy/StellaOps.Policy.Scoring/CvssPolicy.cs` (223 lines)
- `src/Policy/StellaOps.Policy.Scoring/Engine/CvssV2Engine.cs` (211 lines)
- `src/Policy/StellaOps.Policy.Scoring/Policies/CvssPolicyLoader.cs` (196 lines)
- `src/Policy/StellaOps.Policy.Scoring/Engine/CvssEngineFactory.cs` (128 lines)
- `src/Policy/StellaOps.Policy.Scoring/Receipts/ReceiptHistoryService.cs` (112 lines)
- `src/Policy/StellaOps.Policy.Scoring/Engine/CvssVersion.cs` (102 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Scoring.Tests/StellaOps.Policy.Scoring.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

50
docs/implplan-blocked/audits/csproj-standards/Policy/StellaOps.PolicyDsl/StellaOps.PolicyDsl.md Normal file
View File

@@ -0,0 +1,50 @@
# Audit - StellaOps.PolicyDsl
## Project
- Path: `src/Policy/StellaOps.PolicyDsl/StellaOps.PolicyDsl.csproj`
- Module: `Policy`
- Kind: `Service`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 10
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/StellaOps.PolicyDsl/PolicyParser.cs` (676 lines)
- `src/Policy/StellaOps.PolicyDsl/DslTokenizer.cs` (582 lines)
- `src/Policy/StellaOps.PolicyDsl/DslCompletionProvider.cs` (554 lines)
- `src/Policy/StellaOps.PolicyDsl/PolicyIrSerializer.cs` (418 lines)
- `src/Policy/StellaOps.PolicyDsl/SignalContext.cs` (216 lines)
- `src/Policy/StellaOps.PolicyDsl/PolicyEngineFactory.cs` (213 lines)
- `src/Policy/StellaOps.PolicyDsl/PolicyCompiler.cs` (174 lines)
- `src/Policy/StellaOps.PolicyDsl/AiCodeGuardSignalContextExtensions.cs` (166 lines)
- `src/Policy/StellaOps.PolicyDsl/PolicySyntaxNodes.cs` (141 lines)
- `src/Policy/StellaOps.PolicyDsl/SecretSignalContextExtensions.cs` (106 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.PolicyDsl.Tests/StellaOps.PolicyDsl.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

41
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.AuthSignals/StellaOps.Policy.AuthSignals.md Normal file
View File

@@ -0,0 +1,41 @@
# Audit - StellaOps.Policy.AuthSignals
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.AuthSignals/StellaOps.Policy.AuthSignals.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: missing
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 0
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- none
- Service locator matches:
- none
### Fix Guidance
- Add `<Nullable>enable</Nullable>` to the project or central props.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.AuthSignals.Tests/StellaOps.Policy.AuthSignals.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

52
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Determinization/StellaOps.Policy.Determinization.md Normal file
View File

@@ -0,0 +1,52 @@
# Audit - StellaOps.Policy.Determinization
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Determinization/StellaOps.Policy.Determinization.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 12
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Scoring/ConflictDetector.cs` (306 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/ReanalysisFingerprint.cs` (297 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/DeterminizationOptions.cs` (211 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/IDeterminizationConfigStore.cs` (210 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/DeterminizationResult.cs` (134 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/DeterminizationContext.cs` (133 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/UncertaintyScore.cs` (129 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Evidence/VexClaimSummary.cs` (128 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Scoring/TrustScoreAggregator.cs` (125 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/GuardRails.cs` (124 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/ObservationDecay.cs` (123 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Scoring/UncertaintyScoreCalculator.cs` (103 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Determinization.Tests/StellaOps.Policy.Determinization.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

51
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Exceptions/StellaOps.Policy.Exceptions.md Normal file
View File

@@ -0,0 +1,51 @@
# Audit - StellaOps.Policy.Exceptions
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Exceptions/StellaOps.Policy.Exceptions.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 11
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Repositories/PostgresExceptionRepository.cs` (870 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Models/ExceptionObject.cs` (313 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Models/ExceptionEvent.cs` (306 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Services/ExceptionEvaluator.cs` (280 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Services/RecheckEvaluationService.cs` (244 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Services/EvidenceRequirementValidator.cs` (217 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Repositories/IExceptionRepository.cs` (201 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Models/EvidenceHook.cs` (185 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Repositories/PostgresExceptionApplicationRepository.cs` (174 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Models/RecheckPolicy.cs` (157 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Models/ExceptionApplication.cs` (126 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Exceptions.Tests/StellaOps.Policy.Exceptions.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

42
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Explainability/StellaOps.Policy.Explainability.md Normal file
View File

@@ -0,0 +1,42 @@
# Audit - StellaOps.Policy.Explainability
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Explainability/StellaOps.Policy.Explainability.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 2
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Explainability/VerdictRationaleRenderer.cs` (200 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Explainability/VerdictRationale.cs` (197 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit
- Detected test projects: none
- Missing layers: Unit
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add a unit test project named `<Project>.Tests` (or document exception).

49
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Interop/StellaOps.Policy.Interop.md Normal file
View File

@@ -0,0 +1,49 @@
# Audit - StellaOps.Policy.Interop
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Interop/StellaOps.Policy.Interop.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 9
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Rego/RegoCodeGenerator.cs` (384 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Evaluation/EmbeddedOpaEvaluator.cs` (358 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Contracts/PolicyInteropModels.cs` (347 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Import/RegoPolicyImporter.cs` (326 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Import/JsonPolicyImporter.cs` (223 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Contracts/PolicyPackDocument.cs` (211 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Evaluation/RemediationResolver.cs` (162 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Export/JsonPolicyExporter.cs` (129 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Contracts/RemediationModels.cs` (115 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Libraries/__Tests/StellaOps.Policy.Interop.Tests/StellaOps.Policy.Interop.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

75
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Persistence/StellaOps.Policy.Persistence.md Normal file
View File

@@ -0,0 +1,75 @@
# Audit - StellaOps.Policy.Persistence
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Persistence/StellaOps.Policy.Persistence.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 35
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PostgresExceptionObjectRepository.cs` (847 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ExceptionApprovalRepository.cs` (758 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Migration/PolicyMigrator.cs` (474 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/EvaluationRunRepository.cs` (423 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ReplayAuditRepository.cs` (417 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/RiskProfileRepository.cs` (374 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/GateDecisionHistoryRepository.cs` (360 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ExceptionRepository.cs` (355 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Migration/LegacyDocumentConverter.cs` (341 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/RuleRepository.cs` (335 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/TrustedKeyRepository.cs` (329 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/GateBypassAuditRepository.cs` (323 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PostgresBudgetStore.cs` (315 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/WorkerResultRepository.cs` (310 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PackRepository.cs` (268 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PostgresReceiptRepository.cs` (267 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ViolationEventRepository.cs` (265 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ConflictRepository.cs` (258 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/LedgerExportRepository.cs` (253 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/PostgresTrustedKeyRegistry.cs` (251 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/ExceptionApprovalEntity.cs` (246 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PackVersionRepository.cs` (212 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/PostgresGateBypassAuditRepository.cs` (206 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/SnapshotRepository.cs` (179 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/BudgetLedgerEntity.cs` (174 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/EvaluationRunEntity.cs` (174 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ExplanationRepository.cs` (171 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/IExceptionApprovalRepository.cs` (152 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/ServiceCollectionExtensions.cs` (147 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/GateBypassAuditEntity.cs` (140 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/ExceptionEntity.cs` (123 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/RuleEntity.cs` (119 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/IEvaluationRunRepository.cs` (108 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/TrustedKeyEntity.cs` (106 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PolicyAuditRepository.cs` (105 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Persistence.Tests/StellaOps.Policy.Persistence.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

43
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Predicates/StellaOps.Policy.Predicates.md Normal file
View File

@@ -0,0 +1,43 @@
# Audit - StellaOps.Policy.Predicates
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Predicates/StellaOps.Policy.Predicates.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 3
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Predicates/FixChain/FixChainGatePredicate.cs` (696 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Predicates/FixChain/FixChainGateNotifier.cs` (468 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Predicates/FixChain/FixChainGateAdapter.cs` (263 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Predicates.Tests/StellaOps.Policy.Predicates.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

49
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Unknowns/StellaOps.Policy.Unknowns.md Normal file
View File

@@ -0,0 +1,49 @@
# Audit - StellaOps.Policy.Unknowns
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/StellaOps.Policy.Unknowns.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 9
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Repositories/UnknownsRepository.cs` (553 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownRanker.cs` (368 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownBudgetService.cs` (328 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Events/BudgetExceededEventFactory.cs` (218 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/UnknownsBudgetEnforcer.cs` (215 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Models/Unknown.cs` (159 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Configuration/DefaultBudgets.cs` (134 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Repositories/IUnknownsRepository.cs` (113 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Models/UnknownBudget.cs` (110 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Unknowns.Tests/StellaOps.Policy.Unknowns.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

181
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy/StellaOps.Policy.md Normal file
View File

@@ -0,0 +1,181 @@
# Audit - StellaOps.Policy
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy/StellaOps.Policy.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 130
- Service locator usage (BuildServiceProvider/GetService): 11
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy/PolicyBinder.cs` (1234 lines)
- `src/Policy/__Libraries/StellaOps.Policy/SplLayeringEngine.cs` (629 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicenseComplianceReporter.cs` (612 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyScoringConfigBinder.cs` (603 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyEvaluation.cs` (594 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Vex/VexCustomerOverride.cs` (571 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/DeltaComputer.cs` (544 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SignatureRequiredGate.cs` (507 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Opa/OpaEvidenceModels.cs` (486 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ScoringRulesSnapshot.cs` (480 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SbomPresenceGate.cs` (470 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Vex/TrustPolicyViolations.cs` (463 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/TrustLabel.cs` (457 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaBaselineValidator.cs` (450 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/EarnedCapacityReplenishment.cs` (449 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/PolicyBundle.cs` (447 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/UnknownsGateChecker.cs` (433 lines)
- `src/Policy/__Libraries/StellaOps.Policy/ToolLattice/ToolAccessEvaluator.cs` (433 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Vex/JurisdictionTrustRules.cs` (429 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/FixChainGate.cs` (427 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/VexProofGate.cs` (423 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/TrustLatticeEngine.cs` (419 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/TrustSourceWeights.cs` (414 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/ReleaseAggregateCveGate.cs` (412 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/ProofBundle.cs` (405 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ScoreAttestationStatement.cs` (402 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Crypto/CryptoRiskRules.cs` (393 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/DispositionSelector.cs` (390 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/DeltaVerdictStatement.cs` (374 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/RuntimeWitness/RuntimeWitnessGate.cs` (372 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Counterfactuals/CounterfactualEngine.cs` (370 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Confidence/Services/ConfidenceCalculator.cs` (363 lines)
- `src/Policy/__Libraries/StellaOps.Policy/RiskProfileDiagnostics.cs` (359 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaComplianceReporter.cs` (358 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicenseComplianceEvaluator.cs` (353 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/CvssThresholdGate.cs` (349 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/LatticeStore.cs` (348 lines)
- `src/Policy/__Libraries/StellaOps.Policy/AiCodeGuard/AiCodeGuardSignalBinder.cs` (330 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicenseExpressionEvaluator.cs` (329 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/EpssThresholdGate.cs` (327 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Opa/HttpOpaClient.cs` (325 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/VexNormalizers.cs` (320 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Counterfactuals/CounterfactualResult.cs` (318 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyExplanation.cs` (318 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ScorePolicyValidator.cs` (318 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveDeltaGate.cs` (311 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/BudgetLedger.cs` (307 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyDigest.cs` (305 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Attestation/ITrustedKeyRegistry.cs` (298 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/AssumptionPenalties.cs` (296 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Snapshots/SnapshotService.cs` (289 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Secrets/SecretEvidenceContext.cs` (285 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Opa/OpaGateAdapter.cs` (281 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/SupplierValidator.cs` (281 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/KevBlockerGate.cs` (270 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/DeltaVerdict.cs` (270 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/BudgetConstraintEnforcer.cs` (269 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Replay/ReplayEngine.cs` (266 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/Claim.cs` (265 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/RiskPointScoring.cs` (254 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyValidationCli.cs` (252 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyDocument.cs` (241 lines)
- `src/Policy/__Libraries/StellaOps.Policy/AiCodeGuard/AiCodeGuardEvidenceContext.cs` (237 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/FacetQuotaGate.cs` (235 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Attestation/CompositeAttestationGate.cs` (234 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Attestation/VexStatusPromotionGate.cs` (233 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Crypto/CryptoAtoms.cs` (232 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaCompliancePolicyLoader.cs` (229 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Secrets/SecretSignalBinder.cs` (228 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/CsafVexNormalizer.cs` (227 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicenseKnowledgeBase.cs` (226 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Replay/ReplayReport.cs` (226 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/ReachableCveGate.cs` (226 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveGatesServiceCollectionExtensions.cs` (218 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Attestation/AttestationVerificationGate.cs` (216 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/K4Lattice.cs` (214 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/SpdxLicenseExpressionParser.cs` (205 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/SecurityStateDelta.cs` (203 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Freshness/EvidenceTtlEnforcer.cs` (202 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Snapshots/SnapshotAwarePolicyEvaluator.cs` (199 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Replay/ReplayResult.cs` (199 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/OpenVexNormalizer.cs` (198 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ProofLedger.cs` (198 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveGateHelpers.cs` (197 lines)
- `src/Policy/__Libraries/StellaOps.Policy/SplCanonicalizer.cs` (195 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Replay/KnowledgeSourceResolver.cs` (195 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Snapshots/SnapshotBuilder.cs` (195 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/ReachabilityRequirementGate.cs` (193 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Suppression/SuppressionRuleEvaluator.cs` (190 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/Subject.cs` (187 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/BudgetThresholdNotifier.cs` (184 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/PolicyGateAbstractions.cs` (184 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaComplianceModels.cs` (183 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Replay/VerdictComparer.cs` (181 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ScorePolicyModels.cs` (179 lines)
- `src/Policy/__Libraries/StellaOps.Policy/SplMigrationTool.cs` (178 lines)
- `src/Policy/__Libraries/StellaOps.Policy/AiCodeGuard/IAiCodeGuardEvidenceProvider.cs` (176 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/GateSelector.cs` (175 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/BaselineSelector.cs` (169 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/ClaimScoreMerger.cs` (168 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ProofNode.cs` (167 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Storage/InMemoryRiskProfileRepository.cs` (162 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/RegulatoryFrameworkMapper.cs` (158 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyVerdict.cs` (153 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Opa/IOpaClient.cs` (150 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ProofHashing.cs` (148 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicensePolicyLoader.cs` (147 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyPreviewService.cs` (147 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Audit/InMemoryGateBypassAuditRepository.cs` (144 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Attestation/RekorFreshnessGate.cs` (142 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicensePolicy.cs` (137 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/RiskBudget.cs` (136 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Audit/GateBypassAuditEntry.cs` (136 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/VerdictIdGenerator.cs` (135 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/FreshnessAwareScoringService.cs` (129 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/SecurityAtom.cs` (124 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/GateLevel.cs` (122 lines)
- `src/Policy/__Libraries/StellaOps.Policy/InMemoryPolicyExplanationStore.cs` (121 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicenseComplianceModels.cs` (120 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Confidence/Models/ConfidenceScore.cs` (116 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Secrets/ISecretEvidenceProvider.cs` (113 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Snapshots/KnowledgeSnapshotManifest.cs` (112 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/AttributionGenerator.cs` (110 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/SupplyChainTransparencyReporter.cs` (108 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicySnapshotStore.cs` (105 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaCompliancePolicy.cs` (104 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Snapshots/SnapshotIdGenerator.cs` (103 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/SupplierTrustVerifier.cs` (103 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/EvidenceFreshnessGate.cs` (102 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Audit/IGateBypassAuditRepository.cs` (102 lines)
- Service locator matches:
- `src/Policy/__Libraries/StellaOps.Policy/Gates/FacetQuotaGateServiceCollectionExtensions.cs`:46 var timeProvider = sp.GetService<TimeProvider>() ?? TimeProvider.System;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/CvssThresholdGateExtensions.cs`:37 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<CvssThresholdGateOptions>>()?.Value;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/CvssThresholdGateExtensions.cs`:61 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<CvssThresholdGateOptions>>()?.Value;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/PolicyGateRegistry.cs`:38 var instance = _serviceProvider.GetService(gate.Type) as IPolicyGate
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SignatureRequiredGateExtensions.cs`:37 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<SignatureRequiredGateOptions>>()?.Value;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SignatureRequiredGateExtensions.cs`:61 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<SignatureRequiredGateOptions>>()?.Value;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveGatesServiceCollectionExtensions.cs`:63 var epssProvider = sp.GetService<IEpssDataProvider>();
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveGatesServiceCollectionExtensions.cs`:92 var kevProvider = sp.GetService<IKevDataProvider>();
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveGatesServiceCollectionExtensions.cs`:147 var deltaProvider = sp.GetService<ICveDeltaProvider>();
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SbomPresenceGateExtensions.cs`:37 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<SbomPresenceGateOptions>>()?.Value;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SbomPresenceGateExtensions.cs`:61 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<SbomPresenceGateOptions>>()?.Value;
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/__Libraries/__Tests/StellaOps.Policy.Tools.Tests/StellaOps.Policy.Tools.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Unknowns.Tests/StellaOps.Policy.Unknowns.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Tests/StellaOps.Policy.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Scoring.Tests/StellaOps.Policy.Scoring.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.RiskProfile.Tests/StellaOps.Policy.RiskProfile.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Predicates.Tests/StellaOps.Policy.Predicates.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Persistence.Tests/StellaOps.Policy.Persistence.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Pack.Tests/StellaOps.Policy.Pack.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Gateway.Tests/StellaOps.Policy.Gateway.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Exceptions.Tests/StellaOps.Policy.Exceptions.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Engine.Tests/StellaOps.Policy.Engine.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Engine.Contract.Tests/StellaOps.Policy.Engine.Contract.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Determinization.Tests/StellaOps.Policy.Determinization.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.AuthSignals.Tests/StellaOps.Policy.AuthSignals.Tests.csproj [Unit], src/Policy/__Libraries/__Tests/StellaOps.Policy.Interop.Tests/StellaOps.Policy.Interop.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.