consolidate the tests locations

bench/findings/CVE-2023-38545-reachable/decision.dsse.json

@@ -1,10 +0,0 @@
-{
-  "payload": "eyJAY29udGV4dCI6Imh0dHBzOi8vb3BlbnZleC5kZXYvbnMvdjAuMi4wIiwiQHR5cGUiOiJWRVgiLCJhdXRob3IiOiJTdGVsbGFPcHMgQmVuY2ggQXV0b21hdGlvbiIsInJvbGUiOiJzZWN1cml0eV90ZWFtIiwic3RhdGVtZW50cyI6W3siYWN0aW9uX3N0YXRlbWVudCI6IlVwZ3JhZGUgdG8gcGF0Y2hlZCB2ZXJzaW9uIG9yIGFwcGx5IG1pdGlnYXRpb24uIiwiaW1wYWN0X3N0YXRlbWVudCI6IkV2aWRlbmNlIGhhc2g6IHNoYTI1NjpmMWMxZmRiZTk1YjMyNTNiMTNjYTZjNzMzZWMwM2FkYTNlYTg3MWU2NmI1ZGRlZGJiNmMxNGI5ZGM2N2IwNzQ4IiwicHJvZHVjdHMiOlt7IkBpZCI6InBrZzpnZW5lcmljL2N1cmwtQ1ZFLTIwMjMtMzg1NDUtc29ja3M1LWhlYXBAMS4wLjAifV0sInN0YXR1cyI6ImFmZmVjdGVkIiwidnVsbmVyYWJpbGl0eSI6eyJAaWQiOiJodHRwczovL252ZC5uaXN0Lmdvdi92dWxuL2RldGFpbC9DVkUtMjAyMy0zODU0NSIsIm5hbWUiOiJDVkUtMjAyMy0zODU0NSJ9fV0sInRpbWVzdGFtcCI6IjIwMjUtMTItMTRUMDI6MTM6MzhaIiwidG9vbGluZyI6IlN0ZWxsYU9wcy9iZW5jaC1hdXRvQDEuMC4wIiwidmVyc2lvbiI6MX0=",
-  "payloadType": "application/vnd.openvex+json",
-  "signatures": [
-    {
-      "keyid": "stella.ops/bench-automation@v1",
-      "sig": "PLACEHOLDER_SIGNATURE_REQUIRES_ACTUAL_SIGNING"
-    }
-  ]
-}

bench/findings/CVE-2023-38545-reachable/decision.openvex.json

@@ -1,25 +0,0 @@
-{
-  "@context": "https://openvex.dev/ns/v0.2.0",
-  "@type": "VEX",
-  "author": "StellaOps Bench Automation",
-  "role": "security_team",
-  "statements": [
-    {
-      "action_statement": "Upgrade to patched version or apply mitigation.",
-      "impact_statement": "Evidence hash: sha256:f1c1fdbe95b3253b13ca6c733ec03ada3ea871e66b5ddedbb6c14b9dc67b0748",
-      "products": [
-        {
-          "@id": "pkg:generic/curl-CVE-2023-38545-socks5-heap@1.0.0"
-        }
-      ],
-      "status": "affected",
-      "vulnerability": {
-        "@id": "https://nvd.nist.gov/vuln/detail/CVE-2023-38545",
-        "name": "CVE-2023-38545"
-      }
-    }
-  ],
-  "timestamp": "2025-12-14T02:13:38Z",
-  "tooling": "StellaOps/bench-auto@1.0.0",
-  "version": 1
-}

bench/findings/CVE-2023-38545-reachable/evidence/reachability.json

@@ -1,25 +0,0 @@
-{
-  "case_id": "curl-CVE-2023-38545-socks5-heap",
-  "generated_at": "2025-12-14T02:13:38Z",
-  "ground_truth": {
-    "case_id": "curl-CVE-2023-38545-socks5-heap",
-    "paths": [
-      [
-        "sym://net:handler#read",
-        "sym://curl:curl.c#entry",
-        "sym://curl:curl.c#sink"
-      ]
-    ],
-    "schema_version": "reachbench.reachgraph.truth/v1",
-    "variant": "reachable"
-  },
-  "paths": [
-    [
-      "sym://net:handler#read",
-      "sym://curl:curl.c#entry",
-      "sym://curl:curl.c#sink"
-    ]
-  ],
-  "schema_version": "richgraph-excerpt/v1",
-  "variant": "reachable"
-}

bench/findings/CVE-2023-38545-reachable/evidence/sbom.cdx.json

@@ -1,23 +0,0 @@
-{
-  "bomFormat": "CycloneDX",
-  "components": [
-    {
-      "name": "curl-CVE-2023-38545-socks5-heap",
-      "purl": "pkg:generic/curl-CVE-2023-38545-socks5-heap@1.0.0",
-      "type": "library",
-      "version": "1.0.0"
-    }
-  ],
-  "metadata": {
-    "timestamp": "2025-12-14T02:13:38Z",
-    "tools": [
-      {
-        "name": "bench-auto",
-        "vendor": "StellaOps",
-        "version": "1.0.0"
-      }
-    ]
-  },
-  "specVersion": "1.6",
-  "version": 1
-}

bench/findings/CVE-2023-38545-reachable/metadata.json

@@ -1,11 +0,0 @@
-{
-  "case_id": "curl-CVE-2023-38545-socks5-heap",
-  "cve_id": "CVE-2023-38545",
-  "generated_at": "2025-12-14T02:13:38Z",
-  "generator": "scripts/bench/populate-findings.py",
-  "generator_version": "1.0.0",
-  "ground_truth_schema": "reachbench.reachgraph.truth/v1",
-  "purl": "pkg:generic/curl-CVE-2023-38545-socks5-heap@1.0.0",
-  "reachability_status": "reachable",
-  "variant": "reachable"
-}

bench/findings/CVE-2023-38545-reachable/rekor.txt

@@ -1,5 +0,0 @@
-# Rekor log entry placeholder
-# Submit DSSE envelope to Rekor to populate this file
-log_index: PENDING
-uuid: PENDING
-timestamp: 2025-12-14T02:13:38Z