stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

more audit work

Browse Source
This commit is contained in:
master
2026-01-08 10:21:51 +02:00
parent 43c02081ef
commit 51cf4bc16c
546 changed files with 36721 additions and 4003 deletions
Download Patch File Download Diff File Expand all files Collapse all files

201
docs/schemas/stellaops-slice.v1.schema.json Normal file
View File

@@ -0,0 +1,201 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"$id": "https://stellaops.dev/schemas/stellaops-slice.v1.schema.json",
"title": "StellaOps Reachability Slice v1",
"type": "object",
"required": ["_type", "inputs", "query", "subgraph", "verdict", "manifest"],
"properties": {
"_type": {
"type": "string",
"const": "stellaops.dev/predicates/reachability-slice@v1"
},
"inputs": {
"type": "object",
"required": ["graphDigest"],
"properties": {
"graphDigest": { "type": "string" },
"binaryDigests": {
"type": "array",
"items": { "type": "string" }
},
"sbomDigest": { "type": ["string", "null"] },
"layerDigests": {
"type": "array",
"items": { "type": "string" }
}
},
"additionalProperties": false
},
"query": {
"type": "object",
"properties": {
"cveId": { "type": ["string", "null"] },
"targetSymbols": {
"type": "array",
"items": { "type": "string" }
},
"entrypoints": {
"type": "array",
"items": { "type": "string" }
},
"policyHash": { "type": ["string", "null"] }
},
"additionalProperties": false
},
"subgraph": {
"type": "object",
"required": ["nodes", "edges"],
"properties": {
"nodes": {
"type": "array",
"items": { "$ref": "#/definitions/sliceNode" }
},
"edges": {
"type": "array",
"items": { "$ref": "#/definitions/sliceEdge" }
}
},
"additionalProperties": false
},
"verdict": {
"type": "object",
"required": ["status", "confidence"],
"properties": {
"status": {
"type": "string",
"enum": [
"reachable",
"unreachable",
"unknown",
"gated",
"observed_reachable"
]
},
"confidence": { "type": "number" },
"reasons": {
"type": "array",
"items": { "type": "string" }
},
"pathWitnesses": {
"type": "array",
"items": { "type": "string" }
},
"unknownCount": { "type": "integer" },
"gatedPaths": {
"type": "array",
"items": { "$ref": "#/definitions/gatedPath" }
}
},
"additionalProperties": false
},
"manifest": {
"type": "object",
"required": [
"scanId",
"createdAtUtc",
"artifactDigest",
"scannerVersion",
"workerVersion",
"concelierSnapshotHash",
"excititorSnapshotHash",
"latticePolicyHash",
"deterministic",
"seed",
"knobs"
],
"properties": {
"scanId": { "type": "string" },
"createdAtUtc": { "type": "string", "format": "date-time" },
"artifactDigest": { "type": "string" },
"artifactPurl": { "type": ["string", "null"] },
"scannerVersion": { "type": "string" },
"workerVersion": { "type": "string" },
"concelierSnapshotHash": { "type": "string" },
"excititorSnapshotHash": { "type": "string" },
"latticePolicyHash": { "type": "string" },
"deterministic": { "type": "boolean" },
"seed": { "type": "string" },
"knobs": {
"type": "object",
"additionalProperties": { "type": "string" }
}
},
"additionalProperties": false
}
},
"additionalProperties": false,
"definitions": {
"sliceNode": {
"type": "object",
"required": ["id", "symbol", "kind"],
"properties": {
"id": { "type": "string" },
"symbol": { "type": "string" },
"kind": {
"type": "string",
"enum": ["entrypoint", "intermediate", "target", "unknown"]
},
"file": { "type": ["string", "null"] },
"line": { "type": ["integer", "null"] },
"purl": { "type": ["string", "null"] },
"attributes": {
"type": ["object", "null"],
"additionalProperties": { "type": "string" }
}
},
"additionalProperties": false
},
"sliceEdge": {
"type": "object",
"required": ["from", "to"],
"properties": {
"from": { "type": "string" },
"to": { "type": "string" },
"kind": {
"type": "string",
"enum": ["direct", "plt", "iat", "dynamic", "unknown"]
},
"confidence": { "type": "number" },
"evidence": { "type": ["string", "null"] },
"gate": { "$ref": "#/definitions/sliceGateInfo" },
"observed": { "$ref": "#/definitions/observedEdgeMetadata" }
},
"additionalProperties": false
},
"sliceGateInfo": {
"type": ["object", "null"],
"required": ["type", "condition", "satisfied"],
"properties": {
"type": {
"type": "string",
"enum": ["feature_flag", "auth", "config", "admin_only"]
},
"condition": { "type": "string" },
"satisfied": { "type": "boolean" }
},
"additionalProperties": false
},
"observedEdgeMetadata": {
"type": ["object", "null"],
"required": ["firstObserved", "lastObserved", "count"],
"properties": {
"firstObserved": { "type": "string", "format": "date-time" },
"lastObserved": { "type": "string", "format": "date-time" },
"count": { "type": "integer" },
"traceDigest": { "type": ["string", "null"] }
},
"additionalProperties": false
},
"gatedPath": {
"type": "object",
"required": ["pathId", "gateType", "gateCondition", "gateSatisfied"],
"properties": {
"pathId": { "type": "string" },
"gateType": { "type": "string" },
"gateCondition": { "type": "string" },
"gateSatisfied": { "type": "boolean" }
},
"additionalProperties": false
}
}
}