more audit work

src/Policy/__Libraries/StellaOps.Policy.Exceptions/Repositories/PostgresExceptionRepository.cs

@@ -7,7 +7,7 @@ using System.Collections.Immutable;
 using System.Text.Json;
 using Microsoft.Extensions.Logging;
 using Npgsql;
-using StellaOps.Determinism.Abstractions;
+using StellaOps.Determinism;
 using StellaOps.Policy.Exceptions.Models;
 
 namespace StellaOps.Policy.Exceptions.Repositories;

src/Policy/__Libraries/StellaOps.Policy.Exceptions/StellaOps.Policy.Exceptions.csproj

@@ -19,4 +19,8 @@
     <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" />
     <PackageReference Include="Npgsql" />
   </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\..\..\__Libraries\StellaOps.Determinism.Abstractions\StellaOps.Determinism.Abstractions.csproj" />
+  </ItemGroup>
 </Project>

src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Migration/PolicyMigrator.cs

@@ -1,5 +1,5 @@
 using Microsoft.Extensions.Logging;
-using StellaOps.Determinism.Abstractions;
+using StellaOps.Determinism;
 using StellaOps.Policy.Persistence.Postgres.Models;
 using StellaOps.Policy.Persistence.Postgres.Repositories;
 

src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ExceptionApprovalRepository.cs

@@ -1,6 +1,6 @@
 using Microsoft.Extensions.Logging;
 using Npgsql;
-using StellaOps.Determinism.Abstractions;
+using StellaOps.Determinism;
 using StellaOps.Infrastructure.Postgres.Repositories;
 using StellaOps.Policy.Persistence.Postgres.Models;
 

src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/ExplanationRepository.cs

@@ -1,6 +1,6 @@
 using Microsoft.Extensions.Logging;
 using Npgsql;
-using StellaOps.Determinism.Abstractions;
+using StellaOps.Determinism;
 using StellaOps.Infrastructure.Postgres.Repositories;
 using StellaOps.Policy.Persistence.Postgres.Models;
 

src/Policy/__Libraries/StellaOps.Policy.Persistence/Postgres/Repositories/PostgresExceptionObjectRepository.cs

@@ -3,7 +3,7 @@ using System.Text;
 using System.Text.Json;
 using Microsoft.Extensions.Logging;
 using Npgsql;
-using StellaOps.Determinism.Abstractions;
+using StellaOps.Determinism;
 using StellaOps.Infrastructure.Postgres.Repositories;
 using StellaOps.Policy.Exceptions.Models;
 using StellaOps.Policy.Exceptions.Repositories;

src/Policy/__Libraries/StellaOps.Policy/TrustLattice/ProofBundle.cs

@@ -281,6 +281,7 @@ public sealed record ProofBundleStats
 /// </summary>
 public sealed class ProofBundleBuilder
 {
+    private readonly TimeProvider _timeProvider;
     private readonly List<ProofInput> _inputs = [];
     private readonly List<NormalizationTrace> _normalization = [];
     private readonly List<Claim> _claims = [];
@@ -289,6 +290,15 @@ public sealed class ProofBundleBuilder
     private string _policyBundleId = "unknown";
     private string? _policyBundleVersion;
 
+    /// <summary>
+    /// Initializes a new instance of the <see cref="ProofBundleBuilder"/> class.
+    /// </summary>
+    /// <param name="timeProvider">The time provider for deterministic timestamps.</param>
+    public ProofBundleBuilder(TimeProvider? timeProvider = null)
+    {
+        _timeProvider = timeProvider ?? TimeProvider.System;
+    }
+
     /// <summary>
     /// Sets the policy bundle.
     /// </summary>
@@ -381,6 +391,7 @@ public sealed class ProofBundleBuilder
         {
             PolicyBundleId = _policyBundleId,
             PolicyBundleVersion = _policyBundleVersion,
+            CreatedAt = _timeProvider.GetUtcNow(),
             Inputs = _inputs,
             Normalization = _normalization,
             Claims = _claims,