up

samples/graph/graph-40k/explorer/README.md

@@ -0,0 +1,34 @@
+# Vulnerability Explorer fixtures (SAMPLES-GRAPH-24-004)
+
+Derives a small, deterministic explorer dataset from the canonical graph-40k fixture.
+
+## Files
+- `vuln-explorer.json` — 5 records covering mixed policy verdicts and reachability (reachable/unreachable alternation).
+- `vuln-explorer.csv` — same data for CSV-driven UI/CLI tests; `evidence` is `;`-separated.
+- `manifest.json` — SHA-256 hashes for both files.
+
+## Source
+- Built from `samples/graph/graph-40k/overlay.ndjson` (policy overlays) using `samples/graph/scripts/build_explorer_fixture.py`.
+- Tenant: `demo-tenant`; snapshot: `graph-40k-policy-overlay-20251122`.
+
+## Determinism
+- Fixed advisory list and order.
+- Overlay rows sorted by `overlay_id`; first 5 overlays selected.
+- No randomness; rerunning `build_explorer_fixture.py` produces identical hashes.
+
+## Verify
+```bash
+python samples/graph/scripts/build_explorer_fixture.py
+python - <<'PY'
+import json,hashlib,Pathlib
+from pathlib import Path
+base=Path("samples/graph/graph-40k/explorer")
+for name in ["vuln-explorer.json","vuln-explorer.csv"]:
+    h=hashlib.sha256((base/name).read_bytes()).hexdigest()
+    print(name, h)
+PY
+```
+
+## Consumption hints
+- UI: seed list/detail views and policy conflict badges (fields: `reachability`, `policy_verdict`, `conflict`).
+- CLI: pipe JSON into explorer tests or convert from CSV as needed.