documentation cleanse, sprints work and planning. remaining non EF DAL migration to EF

2026-02-25 01:24:07 +02:00
parent b07d27772e
commit 4db038123b
9090 changed files with 4836 additions and 2909 deletions
--- a/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/evidence/01-build.txt
+++ b/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/evidence/01-build.txt
--- a/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/evidence/02-tests.txt
+++ b/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/evidence/02-tests.txt
--- a/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/evidence/03-policy-trace-api-probe.json
+++ b/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/evidence/03-policy-trace-api-probe.json
@@ -0,0 +1,65 @@
+{
+  "Type": "api",
+  "Module": "api",
+  "Feature": "policy-trace-panel",
+  "BaseUrl": "in-memory-testserver",
+  "CapturedAtUtc": "2026-02-11T09:49:10.0621099\u002B00:00",
+  "Requests": [
+    {
+      "Description": "List finding summaries with auth",
+      "Method": "GET",
+      "Path": "/api/v1/findings/summaries",
+      "ExpectedStatus": 200,
+      "ActualStatus": 200,
+      "Assertion": "authorized summaries query succeeds",
+      "Result": "pass",
+      "RequestCapturedAtUtc": "2026-02-11T09:49:10.0623687\u002B00:00",
+      "ResponseSnippet": "{\u0022items\u0022:[],\u0022totalCount\u0022:0,\u0022page\u0022:1,\u0022pageSize\u0022:50,\u0022totalPages\u0022:0}"
+    },
+    {
+      "Description": "Invalid finding id returns bad request",
+      "Method": "GET",
+      "Path": "/api/v1/findings/not-a-guid/summary",
+      "ExpectedStatus": 400,
+      "ActualStatus": 400,
+      "Assertion": "invalid GUID is rejected",
+      "Result": "pass",
+      "RequestCapturedAtUtc": "2026-02-11T09:49:10.2733641\u002B00:00",
+      "ResponseSnippet": "{\u0022type\u0022:\u0022https://tools.ietf.org/html/rfc9110#section-15.5.1\u0022,\u0022title\u0022:\u0022invalid_finding_id\u0022,\u0022status\u0022:400,\u0022detail\u0022:\u0022findingId must be a valid GUID.\u0022,\u0022traceId\u0022:\u002200-16d76634fc8dd885423966dc41b346e1-f13674971690c5f0-00\u0022}"
+    },
+    {
+      "Description": "Unknown finding summary returns not found",
+      "Method": "GET",
+      "Path": "/api/v1/findings/b0182670-0d1f-414b-905f-63f05ab1c77a/summary",
+      "ExpectedStatus": 404,
+      "ActualStatus": 404,
+      "Assertion": "unknown finding returns 404",
+      "Result": "pass",
+      "RequestCapturedAtUtc": "2026-02-11T09:49:10.2948666\u002B00:00",
+      "ResponseSnippet": ""
+    },
+    {
+      "Description": "Unknown finding evidence graph returns not found",
+      "Method": "GET",
+      "Path": "/api/v1/findings/ea31c0d1-8752-42d5-9ae2-ad3893c9755d/evidence-graph",
+      "ExpectedStatus": 404,
+      "ActualStatus": 404,
+      "Assertion": "unknown graph returns 404",
+      "Result": "pass",
+      "RequestCapturedAtUtc": "2026-02-11T09:49:10.2994287\u002B00:00",
+      "ResponseSnippet": ""
+    },
+    {
+      "Description": "Unauthorized summaries request is rejected",
+      "Method": "GET",
+      "Path": "/api/v1/findings/summaries",
+      "ExpectedStatus": 401,
+      "ActualStatus": 401,
+      "Assertion": "missing token returns 401",
+      "Result": "pass",
+      "RequestCapturedAtUtc": "2026-02-11T09:49:10.3022986\u002B00:00",
+      "ResponseSnippet": ""
+    }
+  ],
+  "Verdict": "pass"
+}
--- a/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/evidence/03-policy-trace-probe-test-output.txt
+++ b/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/evidence/03-policy-trace-probe-test-output.txt
--- a/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/tier0-source-check.json
+++ b/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/tier0-source-check.json
@@ -0,0 +1,85 @@
+{
+    "type":  "source",
+    "module":  "api",
+    "feature":  "policy-trace-panel",
+    "runId":  "run-001",
+    "capturedAtUtc":  "2026-02-11T09:41:39.0709614Z",
+    "filesChecked":  [
+                         "src/Findings/StellaOps.Findings.Ledger.WebService/Endpoints/ScoringEndpoints.cs",
+                         "src/Findings/StellaOps.Findings.Ledger.WebService/Endpoints/EvidenceGraphEndpoints.cs",
+                         "src/Findings/StellaOps.Findings.Ledger.WebService/Endpoints/FindingSummaryEndpoints.cs",
+                         "src/Findings/StellaOps.Findings.Ledger.WebService/Services/FindingScoringService.cs",
+                         "src/Findings/StellaOps.Findings.Ledger.WebService/Services/EvidenceGraphBuilder.cs",
+                         "src/Findings/StellaOps.Findings.Ledger.WebService/Services/VexConsensusService.cs",
+                         "src/Findings/StellaOps.Findings.Ledger/Infrastructure/Policy/PolicyEngineEvaluationService.cs",
+                         "src/Findings/StellaOps.Findings.Ledger/Infrastructure/Policy/InlinePolicyEvaluationService.cs",
+                         "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/Integration/ScoringEndpointsIntegrationTests.cs",
+                         "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/Integration/ScoringAuthorizationTests.cs",
+                         "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/PolicyEngineEvaluationServiceTests.cs",
+                         "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/InlinePolicyEvaluationServiceTests.cs",
+                         "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/Services/EvidenceGraphBuilderTests.cs",
+                         "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/Services/FindingScoringServiceTests.cs"
+                     ],
+    "found":  [
+                  "src/Findings/StellaOps.Findings.Ledger.WebService/Endpoints/ScoringEndpoints.cs",
+                  "src/Findings/StellaOps.Findings.Ledger.WebService/Endpoints/EvidenceGraphEndpoints.cs",
+                  "src/Findings/StellaOps.Findings.Ledger.WebService/Endpoints/FindingSummaryEndpoints.cs",
+                  "src/Findings/StellaOps.Findings.Ledger.WebService/Services/FindingScoringService.cs",
+                  "src/Findings/StellaOps.Findings.Ledger.WebService/Services/EvidenceGraphBuilder.cs",
+                  "src/Findings/StellaOps.Findings.Ledger.WebService/Services/VexConsensusService.cs",
+                  "src/Findings/StellaOps.Findings.Ledger/Infrastructure/Policy/PolicyEngineEvaluationService.cs",
+                  "src/Findings/StellaOps.Findings.Ledger/Infrastructure/Policy/InlinePolicyEvaluationService.cs",
+                  "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/Integration/ScoringEndpointsIntegrationTests.cs",
+                  "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/Integration/ScoringAuthorizationTests.cs",
+                  "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/PolicyEngineEvaluationServiceTests.cs",
+                  "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/InlinePolicyEvaluationServiceTests.cs",
+                  "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/Services/EvidenceGraphBuilderTests.cs",
+                  "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/Services/FindingScoringServiceTests.cs"
+              ],
+    "missing":  [
+
+                ],
+    "declarationChecks":  [
+                              {
+                                  "pattern":  "class FindingScoringService",
+                                  "found":  true,
+                                  "sample":  "src/Findings\\StellaOps.Findings.Ledger.WebService\\Services\\FindingScoringService.cs:97:public sealed class FindingScoringService : IFindingScoringService"
+                              },
+                              {
+                                  "pattern":  "class EvidenceGraphBuilder",
+                                  "found":  true,
+                                  "sample":  "src/Findings\\StellaOps.Findings.Ledger.WebService\\Services\\EvidenceGraphBuilder.cs:10:public sealed class EvidenceGraphBuilder : IEvidenceGraphBuilder"
+                              },
+                              {
+                                  "pattern":  "class VexConsensusService",
+                                  "found":  true,
+                                  "sample":  "src/Findings\\StellaOps.Findings.Ledger.WebService\\Services\\VexConsensusService.cs:11:public sealed class VexConsensusService"
+                              },
+                              {
+                                  "pattern":  "class PolicyEngineEvaluationService",
+                                  "found":  true,
+                                  "sample":  "src/Findings\\__Tests\\StellaOps.Findings.Ledger.Tests\\PolicyEngineEvaluationServiceTests.cs:15:public sealed class PolicyEngineEvaluationServiceTests"
+                              },
+                              {
+                                  "pattern":  "class InlinePolicyEvaluationService",
+                                  "found":  true,
+                                  "sample":  "src/Findings\\StellaOps.Findings.Ledger\\Infrastructure\\Policy\\InlinePolicyEvaluationService.cs:9:public sealed class InlinePolicyEvaluationService : IPolicyEvaluationService"
+                              },
+                              {
+                                  "pattern":  "MapScoringEndpoints",
+                                  "found":  true,
+                                  "sample":  "src/Findings\\StellaOps.Findings.Ledger.WebService\\Endpoints\\ScoringEndpoints.cs:26:    public static void MapScoringEndpoints(this WebApplication app)"
+                              },
+                              {
+                                  "pattern":  "MapEvidenceGraphEndpoints",
+                                  "found":  true,
+                                  "sample":  "src/Findings\\StellaOps.Findings.Ledger.WebService\\Endpoints\\EvidenceGraphEndpoints.cs:10:    public static void MapEvidenceGraphEndpoints(this WebApplication app)"
+                              },
+                              {
+                                  "pattern":  "MapFindingSummaryEndpoints",
+                                  "found":  true,
+                                  "sample":  "src/Findings\\StellaOps.Findings.Ledger.WebService\\Program.cs:1951:app.MapFindingSummaryEndpoints();"
+                              }
+                          ],
+    "verdict":  "pass"
+}
--- a/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/tier1-build-check.json
+++ b/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/tier1-build-check.json
@@ -0,0 +1,23 @@
+{
+    "type":  "build",
+    "module":  "api",
+    "feature":  "policy-trace-panel",
+    "runId":  "run-001",
+    "capturedAtUtc":  "2026-02-11T09:51:08.7929289Z",
+    "project":  "src/Findings/StellaOps.Findings.Ledger.WebService/StellaOps.Findings.Ledger.WebService.csproj",
+    "testProject":  "src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/StellaOps.Findings.Ledger.Tests.csproj",
+    "buildCommand":  "dotnet build src/Findings/StellaOps.Findings.Ledger.WebService/StellaOps.Findings.Ledger.WebService.csproj -c Release --nologo",
+    "buildResult":  "pass",
+    "buildExitCode":  0,
+    "testCommand":  "dotnet test src/Findings/__Tests/StellaOps.Findings.Ledger.Tests/StellaOps.Findings.Ledger.Tests.csproj -c Release --nologo --filter FullyQualifiedName~PolicyEngineEvaluationServiceTests|FullyQualifiedName~InlinePolicyEvaluationServiceTests|FullyQualifiedName~EvidenceGraphBuilderTests|FullyQualifiedName~ScoringEndpointsIntegrationTests|FullyQualifiedName~ScoringAuthorizationTests|FullyQualifiedName~FeatureVerificationProbeTests",
+    "testResult":  "pass",
+    "testExitCode":  0,
+    "testsRun":  141,
+    "testsPassed":  141,
+    "testsFailed":  0,
+    "evidence":  [
+                     "evidence/01-build.txt",
+                     "evidence/02-tests.txt"
+                 ],
+    "verdict":  "pass"
+}
--- a/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/tier2-api-check.json
+++ b/docs-archived/qa/feature-checks/runs/api/policy-trace-panel/run-001/tier2-api-check.json
@@ -0,0 +1,81 @@
+{
+    "type":  "api",
+    "module":  "api",
+    "feature":  "policy-trace-panel",
+    "runId":  "run-001",
+    "baseUrl":  "in-memory-testserver",
+    "capturedAtUtc":  "2026-02-11T09:49:10.0621099+00:00",
+    "requests":  [
+                     {
+                         "description":  "List finding summaries with auth",
+                         "method":  "GET",
+                         "path":  "/api/v1/findings/summaries",
+                         "expectedStatus":  200,
+                         "actualStatus":  200,
+                         "assertion":  "authorized summaries query succeeds",
+                         "result":  "pass",
+                         "requestCapturedAtUtc":  "2026-02-11T09:49:10.0623687+00:00",
+                         "responseSnippet":  "{\"items\":[],\"totalCount\":0,\"page\":1,\"pageSize\":50,\"totalPages\":0}",
+                         "evidenceFile":  "evidence/03-policy-trace-api-probe.json"
+                     },
+                     {
+                         "description":  "Invalid finding id returns bad request",
+                         "method":  "GET",
+                         "path":  "/api/v1/findings/not-a-guid/summary",
+                         "expectedStatus":  400,
+                         "actualStatus":  400,
+                         "assertion":  "invalid GUID is rejected",
+                         "result":  "pass",
+                         "requestCapturedAtUtc":  "2026-02-11T09:49:10.2733641+00:00",
+                         "responseSnippet":  "{\"type\":\"https://tools.ietf.org/html/rfc9110#section-15.5.1\",\"title\":\"invalid_finding_id\",\"status\":400,\"detail\":\"findingId must be a valid GUID.\",\"traceId\":\"00-16d76634fc8dd885423966dc41b346e1-f13674971690c5f0-00\"}",
+                         "evidenceFile":  "evidence/03-policy-trace-api-probe.json"
+                     },
+                     {
+                         "description":  "Unknown finding summary returns not found",
+                         "method":  "GET",
+                         "path":  "/api/v1/findings/b0182670-0d1f-414b-905f-63f05ab1c77a/summary",
+                         "expectedStatus":  404,
+                         "actualStatus":  404,
+                         "assertion":  "unknown finding returns 404",
+                         "result":  "pass",
+                         "requestCapturedAtUtc":  "2026-02-11T09:49:10.2948666+00:00",
+                         "responseSnippet":  "",
+                         "evidenceFile":  "evidence/03-policy-trace-api-probe.json"
+                     },
+                     {
+                         "description":  "Unknown finding evidence graph returns not found",
+                         "method":  "GET",
+                         "path":  "/api/v1/findings/ea31c0d1-8752-42d5-9ae2-ad3893c9755d/evidence-graph",
+                         "expectedStatus":  404,
+                         "actualStatus":  404,
+                         "assertion":  "unknown graph returns 404",
+                         "result":  "pass",
+                         "requestCapturedAtUtc":  "2026-02-11T09:49:10.2994287+00:00",
+                         "responseSnippet":  "",
+                         "evidenceFile":  "evidence/03-policy-trace-api-probe.json"
+                     },
+                     {
+                         "description":  "Unauthorized summaries request is rejected",
+                         "method":  "GET",
+                         "path":  "/api/v1/findings/summaries",
+                         "expectedStatus":  401,
+                         "actualStatus":  401,
+                         "assertion":  "missing token returns 401",
+                         "result":  "pass",
+                         "requestCapturedAtUtc":  "2026-02-11T09:49:10.3022986+00:00",
+                         "responseSnippet":  "",
+                         "evidenceFile":  "evidence/03-policy-trace-api-probe.json"
+                     }
+                 ],
+    "behaviorVerified":  [
+                             "Authorized summaries endpoint returns structured finding-summary page payload.",
+                             "Invalid summary identifier is rejected with 400 and problem-details payload.",
+                             "Unknown summary and evidence-graph resources return 404.",
+                             "Unauthenticated access to summary endpoint is rejected with 401."
+                         ],
+    "evidence":  [
+                     "evidence/03-policy-trace-api-probe.json",
+                     "evidence/03-policy-trace-probe-test-output.txt"
+                 ],
+    "verdict":  "pass"
+}