documentation cleanse, sprints work and planning. remaining non EF DAL migration to EF

2026-02-25 01:24:07 +02:00
parent b07d27772e
commit 4db038123b
9090 changed files with 4836 additions and 2909 deletions
--- a/docs-archived/qa/feature-checks/runs/policy/delta-verdict-engine/run-001/tier1-code-review.json
+++ b/docs-archived/qa/feature-checks/runs/policy/delta-verdict-engine/run-001/tier1-code-review.json
@@ -0,0 +1,19 @@
+{
+  "tier": 1,
+  "type": "code_review",
+  "capturedAtUtc": "2026-02-12T12:20:00Z",
+  "feature": "delta-verdict-engine",
+  "claimsVerified": true,
+  "missingClaims": [],
+  "presentClaims": [
+    "WhatIfSimulation/WhatIfSimulationService.cs - internal sealed with SimulateAsync",
+    "WhatIfSimulation/WhatIfSimulationModels.cs - request/response DTOs",
+    "Console/ConsoleSimulationDiffService.cs - deterministic delta diff",
+    "Simulation/SimulationAnalyticsService.cs - delta summary computation",
+    "EffectiveDecisionMap/ - materialized baseline decisions for delta comparison",
+    "Endpoints: ConsoleSimulationEndpoint.cs, OverlaySimulationEndpoint.cs, RiskSimulationEndpoints.cs",
+    "Attestation/ - verdict attestation for signed delta output"
+  ],
+  "verdict": "done",
+  "notes": "Full delta verdict computation verified. WhatIfSimulationService with SBOM diff operations, decision change tracking, impact analysis. ConsoleSimulationDiffService for visual delta. SimulationAnalyticsService for severity change tracking. EffectiveDecisionMap for baseline comparisons."
+}
--- a/docs-archived/qa/feature-checks/runs/policy/delta-verdict-engine/run-002/tier0-source-check.json
+++ b/docs-archived/qa/feature-checks/runs/policy/delta-verdict-engine/run-002/tier0-source-check.json
@@ -0,0 +1,24 @@
+{
+  "type": "source",
+  "capturedAtUtc": "2026-02-12T23:55:00Z",
+  "sourceFiles": [
+    "src/Policy/StellaOps.Policy.Engine/WhatIfSimulation/WhatIfSimulationService.cs",
+    "src/Policy/StellaOps.Policy.Engine/WhatIfSimulation/WhatIfSimulationModels.cs",
+    "src/Policy/StellaOps.Policy.Engine/Console/ConsoleSimulationDiffService.cs",
+    "src/Policy/StellaOps.Policy.Engine/Console/ConsoleSimulationDiffModels.cs",
+    "src/Policy/StellaOps.Policy.Engine/Simulation/SimulationAnalyticsService.cs",
+    "src/Policy/StellaOps.Policy.Engine/Simulation/SimulationAnalytics.cs",
+    "src/Policy/StellaOps.Policy.Engine/EffectiveDecisionMap/EffectiveDecisionModels.cs",
+    "src/Policy/StellaOps.Policy.Engine/EffectiveDecisionMap/IEffectiveDecisionMap.cs",
+    "src/Policy/StellaOps.Policy.Engine/EffectiveDecisionMap/RedisEffectiveDecisionMap.cs",
+    "src/Policy/__Libraries/StellaOps.Policy/Deltas/DeltaVerdict.cs",
+    "src/Policy/__Libraries/StellaOps.Policy/Deltas/DeltaVerdictStatement.cs"
+  ],
+  "testFiles": [
+    "src/Policy/__Tests/StellaOps.Policy.Tests/Deltas/DeltaVerdictTests.cs",
+    "src/Policy/__Tests/StellaOps.Policy.Engine.Tests/Console/ConsoleSimulationDiffServiceTests.cs",
+    "src/Policy/__Tests/StellaOps.Policy.Engine.Tests/Simulation/SimulationAnalyticsServiceTests.cs",
+    "src/Policy/__Tests/StellaOps.Policy.Engine.Tests/Determinism/PolicyEngineDeterminismTests.cs"
+  ],
+  "verdict": "pass"
+}
--- a/docs-archived/qa/feature-checks/runs/policy/delta-verdict-engine/run-002/tier1-code-review.json
+++ b/docs-archived/qa/feature-checks/runs/policy/delta-verdict-engine/run-002/tier1-code-review.json
@@ -0,0 +1,29 @@
+{
+  "type": "code_review",
+  "capturedAtUtc": "2026-02-12T23:55:00Z",
+  "reviewedComponents": [
+    "WhatIfSimulationService: full delta computation between baseline and simulated evaluation states",
+    "WhatIfSimulationModels: request/response DTOs with SBOM diffs (add/remove/upgrade/downgrade), draft policies, explanations",
+    "ConsoleSimulationDiffService: deterministic delta diff for console surface with severity breakdowns",
+    "SimulationAnalyticsService: delta summary with outcome/severity change tracking, rule impact, high-impact findings",
+    "DeltaVerdict/DeltaVerdictBuilder: verdict builder with content-addressed IDs, gate escalation, exception handling",
+    "DeltaVerdictStatement: in-toto statement creation for DSSE-signed delta verdict attestations",
+    "DeltaVerdictAttestor: attestation signing and verification for delta verdicts",
+    "EffectiveDecisionMap: materialized baseline decisions for delta comparison (Redis and Messaging implementations)"
+  ],
+  "behaviorVerified": [
+    "WhatIfSimulationService.SimulateAsync: computes baseline vs simulated decisions with SBOM diff operations",
+    "SBOM diff operations: add (advisory-based deny/warn), remove (allow), upgrade (fix-all->allow), downgrade (deny with priority 150)",
+    "VEX not_affected override: deny overridden to allow when VEX status is not_affected",
+    "Reachability downgrade: deny downgraded to warn when finding is unreachable",
+    "WhatIfSummary: TotalEvaluated, TotalChanged, NewlyAffected, NoLongerAffected, StatusChanges, SeverityChanges",
+    "WhatIfImpact: risk delta (increased/decreased/unchanged), blocked/warning count deltas, recommendation text",
+    "Simulation ID generation: whatif-{SHA256(seed)[..16]} deterministic for same inputs",
+    "DeltaVerdictBuilder: content-addressed VerdictId, gate escalation (Critical->G4, High->G3), PassWithExceptions",
+    "ConsoleSimulationDiffService: deterministic before/after severity breakdowns, delta counts, rule impact",
+    "SimulationAnalyticsService: rule firing counts, heatmaps, sampled traces, delta summaries with determinism hashes",
+    "PolicyEngineDeterminismTests: same inputs produce identical verdict hashes, order-independent, concurrent-safe"
+  ],
+  "issues": [],
+  "verdict": "pass"
+}
--- a/docs-archived/qa/feature-checks/runs/policy/delta-verdict-engine/run-002/tier2-integration-check.json
+++ b/docs-archived/qa/feature-checks/runs/policy/delta-verdict-engine/run-002/tier2-integration-check.json
@@ -0,0 +1,47 @@
+{
+  "type": "integration",
+  "capturedAtUtc": "2026-02-12T23:55:00Z",
+  "testCommand": "dotnet test \"src\\Policy\\__Tests\\StellaOps.Policy.Tests\\StellaOps.Policy.Tests.csproj\" --no-restore -v normal && dotnet test \"src\\Policy\\__Tests\\StellaOps.Policy.Engine.Tests\\StellaOps.Policy.Engine.Tests.csproj\" --no-restore -v normal",
+  "testFilter": "all tests in Policy.Tests and Policy.Engine.Tests",
+  "testsRun": 2059,
+  "testsPassed": 2059,
+  "testsFailed": 0,
+  "targetedTestMethods": [
+    "DeltaVerdictTests.Build_WithNoDrivers_ReturnsPass",
+    "DeltaVerdictTests.Build_WithWarningDriver_ReturnsWarn",
+    "DeltaVerdictTests.Build_WithBlockingDriver_ReturnsFail",
+    "DeltaVerdictTests.Build_WithBlockingDriverAndException_ReturnsPassWithExceptions",
+    "DeltaVerdictTests.Build_CriticalDriver_EscalatesToG4",
+    "DeltaVerdictTests.Build_HighDriver_EscalatesToG3",
+    "DeltaVerdictTests.Build_WithRiskPoints_SetsCorrectValue",
+    "DeltaVerdictTests.Build_GeneratesDeterministicVerdictId_ForIdenticalInputs",
+    "DeltaVerdictTests.Build_GeneratesDifferentVerdictId_ForDifferentInputs",
+    "DeltaVerdictTests.Build_IsIdempotent_AcrossMultipleIterations",
+    "DeltaVerdictTests.Build_VerdictIdIsDeterministic_RegardlessOfDriverAddOrder",
+    "DeltaVerdictTests.VerdictIdGenerator_ComputeFromVerdict_MatchesOriginal",
+    "ConsoleSimulationDiffServiceTests.Compute_IsDeterministic_AndCarriesMetadata",
+    "SimulationAnalyticsServiceTests.ComputeRuleFiringCounts_WithFiredRules_CountsCorrectly",
+    "SimulationAnalyticsServiceTests.ComputeRuleFiringCounts_VexOverrides_CountedCorrectly",
+    "SimulationAnalyticsServiceTests.ComputeDeltaSummary_OutcomeChanges_CalculatesCorrectly",
+    "SimulationAnalyticsServiceTests.ComputeDeltaSummary_SeverityChanges_TracksEscalationAndDeescalation",
+    "SimulationAnalyticsServiceTests.ComputeDeltaSummary_HighImpactFindings_IdentifiedCorrectly",
+    "SimulationAnalyticsServiceTests.ComputeDeltaSummary_DeterminismHash_ConsistentForSameInput",
+    "PolicyEngineDeterminismTests.SameInputs_ProduceIdenticalVerdictHash_AcrossMultipleRuns",
+    "PolicyEngineDeterminismTests.InputOrder_DoesNotAffect_VerdictHash",
+    "PolicyEngineDeterminismTests.ConcurrentEvaluations_ProduceIdenticalResults",
+    "PolicyEngineDeterminismTests.VexMergeOrder_DoesNotAffect_VerdictHash"
+  ],
+  "assertionTypes": [
+    "FluentAssertions Should().Be() on DeltaVerdictStatus and DeltaGateLevel",
+    "FluentAssertions Should().HaveCount() on BlockingDrivers and WarningDrivers",
+    "FluentAssertions Should().Contain() on AppliedExceptions and Recommendations",
+    "FluentAssertions Should().StartWith('verdict:sha256:') on VerdictId format",
+    "Assert.Equal on serialized JSON for determinism (ConsoleSimulationDiffService)",
+    "FluentAssertions AllSatisfy on VerdictHash for concurrent determinism",
+    "FluentAssertions BeApproximately for coverage percentages"
+  ],
+  "newTestsWritten": [],
+  "bugsFixed": [],
+  "rawOutput": "Policy.Tests: Passed! - Failed: 0, Passed: 781, Skipped: 0, Total: 781, Duration: 4s 565ms; Policy.Engine.Tests: Passed! - Failed: 0, Passed: 1278, Skipped: 0, Total: 1278, Duration: 6s 984ms",
+  "verdict": "pass"
+}