feat: Enhance MongoDB storage with event publishing and outbox support

- Added `MongoAdvisoryObservationEventPublisher` and `NatsAdvisoryObservationEventPublisher` for event publishing.
- Registered `IAdvisoryObservationEventPublisher` to choose between NATS and MongoDB based on configuration.
- Introduced `MongoAdvisoryObservationEventOutbox` for outbox pattern implementation.
- Updated service collection to include new event publishers and outbox.
- Added a new hosted service `AdvisoryObservationTransportWorker` for processing events.

feat: Update project dependencies

- Added `NATS.Client.Core` package to the project for NATS integration.

test: Add unit tests for AdvisoryLinkset normalization

- Created `AdvisoryLinksetNormalizationConfidenceTests` to validate confidence score calculations.

fix: Adjust confidence assertion in `AdvisoryObservationAggregationTests`

- Updated confidence assertion to allow a range instead of a fixed value.

test: Implement tests for AdvisoryObservationEventFactory

- Added `AdvisoryObservationEventFactoryTests` to ensure correct mapping and hashing of observation events.

chore: Configure test project for Findings Ledger

- Created `Directory.Build.props` for test project configuration.
- Added `StellaOps.Findings.Ledger.Exports.Unit.csproj` for unit tests related to findings ledger exports.

feat: Implement export contracts for findings ledger

- Defined export request and response contracts in `ExportContracts.cs`.
- Created various export item records for findings, VEX, advisories, and SBOMs.

feat: Add export functionality to Findings Ledger Web Service

- Implemented endpoints for exporting findings, VEX, advisories, and SBOMs.
- Integrated `ExportQueryService` for handling export logic and pagination.

test: Add tests for Node language analyzer phase 22

- Implemented `NodePhase22SampleLoaderTests` to validate loading of NDJSON fixtures.
- Created sample NDJSON file for testing.

chore: Set up isolated test environment for Node tests

- Added `node-isolated.runsettings` for isolated test execution.
- Created `node-tests-isolated.sh` script for running tests in isolation.

src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Node.Tests/Fixtures/node-phase22-sample.ndjson

@@ -0,0 +1,3 @@
+{"type":"component","componentType":"pkg","path":"/src/app.js","format":"esm","fromBundle":true,"reason":"source-map","confidence":0.87,"resolverTrace":["bundle:/app/dist/main.js","map:/app/dist/main.js.map","source:/src/app.js"]}
+{"type":"component","componentType":"native","path":"/app/native/addon.node","arch":"x86_64","platform":"linux","reason":"native-addon-file","confidence":0.82,"resolverTrace":["file:/app/native/addon.node","require:/app/dist/native-entry.js"]}
+{"type":"component","componentType":"wasm","path":"/app/pkg/pkg.wasm","exports":["init","run"],"reason":"wasm-file","confidence":0.80,"resolverTrace":["file:/app/pkg/pkg.wasm","import:/app/dist/wasm-entry.js"]}

src/Scanner/__Tests/StellaOps.Scanner.Analyzers.Lang.Node.Tests/NodePhase22SampleLoaderTests.cs

@@ -0,0 +1,22 @@
+using System.IO;
+using System.Linq;
+using System.Threading;
+using System.Threading.Tasks;
+using StellaOps.Scanner.Analyzers.Lang.Node.Internal.Phase22;
+using Xunit;
+
+namespace StellaOps.Scanner.Analyzers.Lang.Node.Tests;
+
+public class NodePhase22SampleLoaderTests
+{
+    [Fact]
+    public async Task TryLoadAsync_ReadsComponentsFromNdjson()
+    {
+        var root = Path.Combine("Fixtures");
+        var records = await NodePhase22SampleLoader.TryLoadAsync(root, CancellationToken.None);
+
+        Assert.Equal(3, records.Count);
+        var native = records.Single(r => r.Type == "node:native");
+        Assert.Equal("/app/native/addon.node", native.ComponentKey);
+    }
+}

src/Scanner/__Tests/node-isolated.runsettings

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="utf-8"?>
+<RunSettings>
+  <RunConfiguration>
+    <DisableAppDomain>true</DisableAppDomain>
+    <MaxCpuCount>1</MaxCpuCount>
+    <TargetPlatform>x64</TargetPlatform>
+    <TargetFrameworkVersion>net10.0</TargetFrameworkVersion>
+    <ResultsDirectory>./TestResults</ResultsDirectory>
+  </RunConfiguration>
+  <DataCollectionRunSettings>
+    <DataCollectors>
+      <!-- keep deterministic runs; no code coverage collectors by default -->
+    </DataCollectors>
+  </DataCollectionRunSettings>
+</RunSettings>

src/Scanner/__Tests/node-tests-isolated.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -euo pipefail
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# repo root = two levels up from src/Scanner (__Tests/.. -> .. -> ..)
+REPO_ROOT="$(cd "$SCRIPT_DIR/../../.." && pwd)"
+cd "$REPO_ROOT"
+
+# Restore only filtered projects using offline/local feed
+NUGET_PACKAGES="$REPO_ROOT/offline/packages" \
+DOTNET_RESTORE_DISABLE_PARALLEL=true \
+DOTNET_SYSTEM_NET_HTTP_USESOCKETSHTTPHANDLER=0 \
+dotnet restore src/Scanner/StellaOps.Scanner.Node.slnf \
+  -p:RestorePackagesPath="$REPO_ROOT/offline/packages" \
+  -p:ContinuousIntegrationBuild=true
+
+# Run node analyzer tests in isolation
+DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1 \
+DOTNET_CLI_TELEMETRY_OPTOUT=1 \
+dotnet test src/Scanner/StellaOps.Scanner.Node.slnf \
+  --no-build \
+  --settings "$REPO_ROOT/__Tests/node-isolated.runsettings" \
+  /m:1