stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

semi implemented and features implemented save checkpoint

Browse Source
This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.AuthSignals/StellaOps.Policy.AuthSignals.md Normal file
View File

@@ -0,0 +1,41 @@
# Audit - StellaOps.Policy.AuthSignals
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.AuthSignals/StellaOps.Policy.AuthSignals.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: missing
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 0
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- none
- Service locator matches:
- none
### Fix Guidance
- Add `<Nullable>enable</Nullable>` to the project or central props.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.AuthSignals.Tests/StellaOps.Policy.AuthSignals.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

52
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Determinization/StellaOps.Policy.Determinization.md Normal file
View File

@@ -0,0 +1,52 @@
# Audit - StellaOps.Policy.Determinization
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Determinization/StellaOps.Policy.Determinization.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 12
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Scoring/ConflictDetector.cs` (306 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/ReanalysisFingerprint.cs` (297 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/DeterminizationOptions.cs` (211 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/IDeterminizationConfigStore.cs` (210 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/DeterminizationResult.cs` (134 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/DeterminizationContext.cs` (133 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/UncertaintyScore.cs` (129 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Evidence/VexClaimSummary.cs` (128 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Scoring/TrustScoreAggregator.cs` (125 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/GuardRails.cs` (124 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Models/ObservationDecay.cs` (123 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Determinization/Scoring/UncertaintyScoreCalculator.cs` (103 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Determinization.Tests/StellaOps.Policy.Determinization.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

51
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Exceptions/StellaOps.Policy.Exceptions.md Normal file
View File

@@ -0,0 +1,51 @@
# Audit - StellaOps.Policy.Exceptions
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Exceptions/StellaOps.Policy.Exceptions.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 11
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Repositories/PostgresExceptionRepository.cs` (870 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Models/ExceptionObject.cs` (313 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Models/ExceptionEvent.cs` (306 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Services/ExceptionEvaluator.cs` (280 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Services/RecheckEvaluationService.cs` (244 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Services/EvidenceRequirementValidator.cs` (217 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Repositories/IExceptionRepository.cs` (201 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Models/EvidenceHook.cs` (185 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Repositories/PostgresExceptionApplicationRepository.cs` (174 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Models/RecheckPolicy.cs` (157 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Exceptions/Models/ExceptionApplication.cs` (126 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Exceptions.Tests/StellaOps.Policy.Exceptions.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

42
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Explainability/StellaOps.Policy.Explainability.md Normal file
View File

@@ -0,0 +1,42 @@
# Audit - StellaOps.Policy.Explainability
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Explainability/StellaOps.Policy.Explainability.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 2
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Explainability/VerdictRationaleRenderer.cs` (200 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Explainability/VerdictRationale.cs` (197 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: FAIL
- Expected layers: Unit
- Detected test projects: none
- Missing layers: Unit
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- Add a unit test project named `<Project>.Tests` (or document exception).

49
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Interop/StellaOps.Policy.Interop.md Normal file
View File

@@ -0,0 +1,49 @@
# Audit - StellaOps.Policy.Interop
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Interop/StellaOps.Policy.Interop.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 9
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Rego/RegoCodeGenerator.cs` (384 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Evaluation/EmbeddedOpaEvaluator.cs` (358 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Contracts/PolicyInteropModels.cs` (347 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Import/RegoPolicyImporter.cs` (326 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Import/JsonPolicyImporter.cs` (223 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Contracts/PolicyPackDocument.cs` (211 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Evaluation/RemediationResolver.cs` (162 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Export/JsonPolicyExporter.cs` (129 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Interop/Contracts/RemediationModels.cs` (115 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Libraries/__Tests/StellaOps.Policy.Interop.Tests/StellaOps.Policy.Interop.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

75
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Persistence/StellaOps.Policy.Persistence.md Normal file
View File

@@ -0,0 +1,75 @@
# Audit - StellaOps.Policy.Persistence
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Persistence/StellaOps.Policy.Persistence.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 35
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PostgresExceptionObjectRepository.cs` (847 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ExceptionApprovalRepository.cs` (758 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Migration/PolicyMigrator.cs` (474 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/EvaluationRunRepository.cs` (423 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ReplayAuditRepository.cs` (417 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/RiskProfileRepository.cs` (374 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/GateDecisionHistoryRepository.cs` (360 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ExceptionRepository.cs` (355 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Migration/LegacyDocumentConverter.cs` (341 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/RuleRepository.cs` (335 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/TrustedKeyRepository.cs` (329 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/GateBypassAuditRepository.cs` (323 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PostgresBudgetStore.cs` (315 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/WorkerResultRepository.cs` (310 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PackRepository.cs` (268 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PostgresReceiptRepository.cs` (267 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ViolationEventRepository.cs` (265 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ConflictRepository.cs` (258 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/LedgerExportRepository.cs` (253 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/PostgresTrustedKeyRegistry.cs` (251 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/ExceptionApprovalEntity.cs` (246 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PackVersionRepository.cs` (212 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/PostgresGateBypassAuditRepository.cs` (206 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/SnapshotRepository.cs` (179 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/BudgetLedgerEntity.cs` (174 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/EvaluationRunEntity.cs` (174 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ExplanationRepository.cs` (171 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/IExceptionApprovalRepository.cs` (152 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/ServiceCollectionExtensions.cs` (147 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/GateBypassAuditEntity.cs` (140 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/ExceptionEntity.cs` (123 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/RuleEntity.cs` (119 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/IEvaluationRunRepository.cs` (108 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Models/TrustedKeyEntity.cs` (106 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PolicyAuditRepository.cs` (105 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Persistence.Tests/StellaOps.Policy.Persistence.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

43
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Predicates/StellaOps.Policy.Predicates.md Normal file
View File

@@ -0,0 +1,43 @@
# Audit - StellaOps.Policy.Predicates
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Predicates/StellaOps.Policy.Predicates.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 3
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Predicates/FixChain/FixChainGatePredicate.cs` (696 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Predicates/FixChain/FixChainGateNotifier.cs` (468 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Predicates/FixChain/FixChainGateAdapter.cs` (263 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Predicates.Tests/StellaOps.Policy.Predicates.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

49
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy.Unknowns/StellaOps.Policy.Unknowns.md Normal file
View File

@@ -0,0 +1,49 @@
# Audit - StellaOps.Policy.Unknowns
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/StellaOps.Policy.Unknowns.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 9
- Service locator usage (BuildServiceProvider/GetService): 0
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Repositories/UnknownsRepository.cs` (553 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownRanker.cs` (368 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownBudgetService.cs` (328 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Events/BudgetExceededEventFactory.cs` (218 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/UnknownsBudgetEnforcer.cs` (215 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Models/Unknown.cs` (159 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Configuration/DefaultBudgets.cs` (134 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Repositories/IUnknownsRepository.cs` (113 lines)
- `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Models/UnknownBudget.cs` (110 lines)
- Service locator matches:
- none
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/Policy/__Tests/StellaOps.Policy.Unknowns.Tests/StellaOps.Policy.Unknowns.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.

181
docs/implplan-blocked/audits/csproj-standards/Policy/__Libraries/StellaOps.Policy/StellaOps.Policy.md Normal file
View File

@@ -0,0 +1,181 @@
# Audit - StellaOps.Policy
## Project
- Path: `src/Policy/__Libraries/StellaOps.Policy/StellaOps.Policy.csproj`
- Module: `Policy`
- Kind: `Library`
- SDK: `Microsoft.NET.Sdk`
- TargetFramework: `net10.0`
- Audit date (UTC): 2026-01-30
## Coding Standards Findings
- Status: FAIL
- Nullable: enable
- TreatWarningsAsErrors: explicit true
- Deterministic: inherited true
- 100-line rule violations: 130
- Service locator usage (BuildServiceProvider/GetService): 11
- Analyzer enforcement: missing repo-wide (see summary).
### Details
- 100-line files:
- `src/Policy/__Libraries/StellaOps.Policy/PolicyBinder.cs` (1234 lines)
- `src/Policy/__Libraries/StellaOps.Policy/SplLayeringEngine.cs` (629 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicenseComplianceReporter.cs` (612 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyScoringConfigBinder.cs` (603 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyEvaluation.cs` (594 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Vex/VexCustomerOverride.cs` (571 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/DeltaComputer.cs` (544 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SignatureRequiredGate.cs` (507 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Opa/OpaEvidenceModels.cs` (486 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ScoringRulesSnapshot.cs` (480 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SbomPresenceGate.cs` (470 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Vex/TrustPolicyViolations.cs` (463 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/TrustLabel.cs` (457 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaBaselineValidator.cs` (450 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/EarnedCapacityReplenishment.cs` (449 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/PolicyBundle.cs` (447 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/UnknownsGateChecker.cs` (433 lines)
- `src/Policy/__Libraries/StellaOps.Policy/ToolLattice/ToolAccessEvaluator.cs` (433 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Vex/JurisdictionTrustRules.cs` (429 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/FixChainGate.cs` (427 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/VexProofGate.cs` (423 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/TrustLatticeEngine.cs` (419 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/TrustSourceWeights.cs` (414 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/ReleaseAggregateCveGate.cs` (412 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/ProofBundle.cs` (405 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ScoreAttestationStatement.cs` (402 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Crypto/CryptoRiskRules.cs` (393 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/DispositionSelector.cs` (390 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/DeltaVerdictStatement.cs` (374 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/RuntimeWitness/RuntimeWitnessGate.cs` (372 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Counterfactuals/CounterfactualEngine.cs` (370 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Confidence/Services/ConfidenceCalculator.cs` (363 lines)
- `src/Policy/__Libraries/StellaOps.Policy/RiskProfileDiagnostics.cs` (359 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaComplianceReporter.cs` (358 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicenseComplianceEvaluator.cs` (353 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/CvssThresholdGate.cs` (349 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/LatticeStore.cs` (348 lines)
- `src/Policy/__Libraries/StellaOps.Policy/AiCodeGuard/AiCodeGuardSignalBinder.cs` (330 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicenseExpressionEvaluator.cs` (329 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/EpssThresholdGate.cs` (327 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Opa/HttpOpaClient.cs` (325 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/VexNormalizers.cs` (320 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Counterfactuals/CounterfactualResult.cs` (318 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyExplanation.cs` (318 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ScorePolicyValidator.cs` (318 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveDeltaGate.cs` (311 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/BudgetLedger.cs` (307 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyDigest.cs` (305 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Attestation/ITrustedKeyRegistry.cs` (298 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/AssumptionPenalties.cs` (296 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Snapshots/SnapshotService.cs` (289 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Secrets/SecretEvidenceContext.cs` (285 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Opa/OpaGateAdapter.cs` (281 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/SupplierValidator.cs` (281 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/KevBlockerGate.cs` (270 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/DeltaVerdict.cs` (270 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/BudgetConstraintEnforcer.cs` (269 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Replay/ReplayEngine.cs` (266 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/Claim.cs` (265 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/RiskPointScoring.cs` (254 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyValidationCli.cs` (252 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyDocument.cs` (241 lines)
- `src/Policy/__Libraries/StellaOps.Policy/AiCodeGuard/AiCodeGuardEvidenceContext.cs` (237 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/FacetQuotaGate.cs` (235 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Attestation/CompositeAttestationGate.cs` (234 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Attestation/VexStatusPromotionGate.cs` (233 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Crypto/CryptoAtoms.cs` (232 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaCompliancePolicyLoader.cs` (229 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Secrets/SecretSignalBinder.cs` (228 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/CsafVexNormalizer.cs` (227 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicenseKnowledgeBase.cs` (226 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Replay/ReplayReport.cs` (226 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/ReachableCveGate.cs` (226 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveGatesServiceCollectionExtensions.cs` (218 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Attestation/AttestationVerificationGate.cs` (216 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/K4Lattice.cs` (214 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/SpdxLicenseExpressionParser.cs` (205 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/SecurityStateDelta.cs` (203 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Freshness/EvidenceTtlEnforcer.cs` (202 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Snapshots/SnapshotAwarePolicyEvaluator.cs` (199 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Replay/ReplayResult.cs` (199 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/OpenVexNormalizer.cs` (198 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ProofLedger.cs` (198 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveGateHelpers.cs` (197 lines)
- `src/Policy/__Libraries/StellaOps.Policy/SplCanonicalizer.cs` (195 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Replay/KnowledgeSourceResolver.cs` (195 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Snapshots/SnapshotBuilder.cs` (195 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/ReachabilityRequirementGate.cs` (193 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Suppression/SuppressionRuleEvaluator.cs` (190 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/Subject.cs` (187 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/BudgetThresholdNotifier.cs` (184 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/PolicyGateAbstractions.cs` (184 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaComplianceModels.cs` (183 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Replay/VerdictComparer.cs` (181 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ScorePolicyModels.cs` (179 lines)
- `src/Policy/__Libraries/StellaOps.Policy/SplMigrationTool.cs` (178 lines)
- `src/Policy/__Libraries/StellaOps.Policy/AiCodeGuard/IAiCodeGuardEvidenceProvider.cs` (176 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/GateSelector.cs` (175 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/BaselineSelector.cs` (169 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/ClaimScoreMerger.cs` (168 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ProofNode.cs` (167 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Storage/InMemoryRiskProfileRepository.cs` (162 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/RegulatoryFrameworkMapper.cs` (158 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyVerdict.cs` (153 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Opa/IOpaClient.cs` (150 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/ProofHashing.cs` (148 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicensePolicyLoader.cs` (147 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicyPreviewService.cs` (147 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Audit/InMemoryGateBypassAuditRepository.cs` (144 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Attestation/RekorFreshnessGate.cs` (142 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicensePolicy.cs` (137 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/RiskBudget.cs` (136 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Audit/GateBypassAuditEntry.cs` (136 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Deltas/VerdictIdGenerator.cs` (135 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Scoring/FreshnessAwareScoringService.cs` (129 lines)
- `src/Policy/__Libraries/StellaOps.Policy/TrustLattice/SecurityAtom.cs` (124 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/GateLevel.cs` (122 lines)
- `src/Policy/__Libraries/StellaOps.Policy/InMemoryPolicyExplanationStore.cs` (121 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/LicenseComplianceModels.cs` (120 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Confidence/Models/ConfidenceScore.cs` (116 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Secrets/ISecretEvidenceProvider.cs` (113 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Snapshots/KnowledgeSnapshotManifest.cs` (112 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Licensing/AttributionGenerator.cs` (110 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/SupplyChainTransparencyReporter.cs` (108 lines)
- `src/Policy/__Libraries/StellaOps.Policy/PolicySnapshotStore.cs` (105 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/NtiaCompliancePolicy.cs` (104 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Snapshots/SnapshotIdGenerator.cs` (103 lines)
- `src/Policy/__Libraries/StellaOps.Policy/NtiaCompliance/SupplierTrustVerifier.cs` (103 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Gates/EvidenceFreshnessGate.cs` (102 lines)
- `src/Policy/__Libraries/StellaOps.Policy/Audit/IGateBypassAuditRepository.cs` (102 lines)
- Service locator matches:
- `src/Policy/__Libraries/StellaOps.Policy/Gates/FacetQuotaGateServiceCollectionExtensions.cs`:46 var timeProvider = sp.GetService<TimeProvider>() ?? TimeProvider.System;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/CvssThresholdGateExtensions.cs`:37 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<CvssThresholdGateOptions>>()?.Value;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/CvssThresholdGateExtensions.cs`:61 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<CvssThresholdGateOptions>>()?.Value;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/PolicyGateRegistry.cs`:38 var instance = _serviceProvider.GetService(gate.Type) as IPolicyGate
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SignatureRequiredGateExtensions.cs`:37 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<SignatureRequiredGateOptions>>()?.Value;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SignatureRequiredGateExtensions.cs`:61 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<SignatureRequiredGateOptions>>()?.Value;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveGatesServiceCollectionExtensions.cs`:63 var epssProvider = sp.GetService<IEpssDataProvider>();
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveGatesServiceCollectionExtensions.cs`:92 var kevProvider = sp.GetService<IKevDataProvider>();
- `src/Policy/__Libraries/StellaOps.Policy/Gates/Cve/CveGatesServiceCollectionExtensions.cs`:147 var deltaProvider = sp.GetService<ICveDeltaProvider>();
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SbomPresenceGateExtensions.cs`:37 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<SbomPresenceGateOptions>>()?.Value;
- `src/Policy/__Libraries/StellaOps.Policy/Gates/SbomPresenceGateExtensions.cs`:61 var options = sp.GetService<Microsoft.Extensions.Options.IOptions<SbomPresenceGateOptions>>()?.Value;
### Fix Guidance
- Split files over 100 lines into smaller types or partials.
- Replace service locator usage with constructor injection.
## Testing Fullness Findings
- Status: PASS
- Expected layers: Unit
- Detected test projects: src/__Libraries/__Tests/StellaOps.Policy.Tools.Tests/StellaOps.Policy.Tools.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Unknowns.Tests/StellaOps.Policy.Unknowns.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Tests/StellaOps.Policy.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Scoring.Tests/StellaOps.Policy.Scoring.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.RiskProfile.Tests/StellaOps.Policy.RiskProfile.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Predicates.Tests/StellaOps.Policy.Predicates.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Persistence.Tests/StellaOps.Policy.Persistence.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Pack.Tests/StellaOps.Policy.Pack.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Gateway.Tests/StellaOps.Policy.Gateway.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Exceptions.Tests/StellaOps.Policy.Exceptions.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Engine.Tests/StellaOps.Policy.Engine.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Engine.Contract.Tests/StellaOps.Policy.Engine.Contract.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.Determinization.Tests/StellaOps.Policy.Determinization.Tests.csproj [Unit], src/Policy/__Tests/StellaOps.Policy.AuthSignals.Tests/StellaOps.Policy.AuthSignals.Tests.csproj [Unit], src/Policy/__Libraries/__Tests/StellaOps.Policy.Interop.Tests/StellaOps.Policy.Interop.Tests.csproj [Unit]
- Missing layers: none
### Manual checks required
- Observability contract tests for WebService/Worker.
- Intent tagging required for regulatory modules.
- Offline execution (tests must run without network access).
### Fix Guidance
- None.