Add MongoDB storage library and update acceptance tests with deterministic stubs
- Created StellaOps.Notify.Storage.Mongo project with initial configuration. - Added expected output files for acceptance tests (at1.txt to at10.txt). - Added fixture input files for acceptance tests (at1 to at10). - Created input and signature files for test cases fc1 to fc5.
This commit is contained in:
StellaOps Bot
@@ -36,6 +36,16 @@
|
||||
3) Expose via API/Console/CLI with cached reachability/VEX context and policy explain bundles (VEX-first, reachability second, policy gates third per architecture).
|
||||
4) Export reports/offline bundles; verify with ledger hashes and DSSE attestations.
|
||||
|
||||
## Triage States (architecture; finalize with GRAP0101)
|
||||
- `new` → `triaged` → `in_progress` → `awaiting_verification` → `remediated`
|
||||
- `new` → `closed_false_positive`
|
||||
- `new` → `accepted_risk`
|
||||
- Each transition requires justification; accepted risk requires multi-approver workflow (Policy Studio) and ABAC enforcement.
|
||||
|
||||
## Offline / Export Expectations
|
||||
- Offline bundle structure: `manifest.json`, `findings.jsonl`, `history.jsonl`, `actions.jsonl`, `reports/`, `signatures/` (DSSE envelopes); deterministic ordering and hashes.
|
||||
- Bundles are consumed by Export Center mirror profiles; include Merkle roots and hash manifests for verification.
|
||||
|
||||
## Offline/Determinism Notes
|
||||
- Hash captures for screenshots/payloads recorded in `docs/assets/vuln-explorer/SHA256SUMS` (empty until assets arrive).
|
||||
- Use fixed fixture sets and ordered outputs when adding examples.
|
||||
|
||||
Reference in New Issue
Block a user