Refactor code structure for improved readability and maintainability; optimize performance in key functions.

src/Policy/__Libraries/StellaOps.Policy.Unknowns/Models/UnknownReasonCode.cs

@@ -0,0 +1,50 @@
+namespace StellaOps.Policy.Unknowns.Models;
+
+/// <summary>
+/// Canonical reason codes explaining why a component is marked as unknown.
+/// Each code maps to a specific remediation action.
+/// </summary>
+public enum UnknownReasonCode
+{
+    /// <summary>
+    /// U-RCH: Call path analysis is indeterminate.
+    /// The reachability analyzer cannot confirm or deny exploitability.
+    /// </summary>
+    Reachability,
+
+    /// <summary>
+    /// U-ID: Ambiguous package identity or missing digest.
+    /// Cannot uniquely identify the component (e.g., missing PURL, no checksum).
+    /// </summary>
+    Identity,
+
+    /// <summary>
+    /// U-PROV: Cannot map binary artifact to source repository.
+    /// Provenance chain is broken or unavailable.
+    /// </summary>
+    Provenance,
+
+    /// <summary>
+    /// U-VEX: VEX statements conflict or missing applicability data.
+    /// Multiple VEX sources disagree or no VEX coverage exists.
+    /// </summary>
+    VexConflict,
+
+    /// <summary>
+    /// U-FEED: Required knowledge source is missing or stale.
+    /// Advisory feed gap (e.g., no NVD/OSV data for this package).
+    /// </summary>
+    FeedGap,
+
+    /// <summary>
+    /// U-CONFIG: Feature flag or configuration not observable.
+    /// Cannot determine if vulnerable code path is enabled at runtime.
+    /// </summary>
+    ConfigUnknown,
+
+    /// <summary>
+    /// U-ANALYZER: Language or framework not supported by analyzer.
+    /// Static analysis tools do not cover this ecosystem.
+    /// </summary>
+    AnalyzerLimit
+}