stabilize tests

2026-02-01 21:37:40 +02:00
parent 55744f6a39
commit 5d5e80b2e4
6435 changed files with 33984 additions and 13802 deletions
--- a/src/Attestor/__Libraries/StellaOps.Attestor.Bundle/Builder/SigstoreBundleBuilder.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Bundle/Builder/SigstoreBundleBuilder.cs
@@ -5,9 +5,10 @@
 // Description: Fluent builder for constructing Sigstore bundles
 // -----------------------------------------------------------------------------

-using System.Globalization;
+
 using StellaOps.Attestor.Bundle.Models;
 using StellaOps.Attestor.Bundle.Serialization;
+using System.Globalization;

 namespace StellaOps.Attestor.Bundle.Builder;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Bundle/Serialization/SigstoreBundleSerializer.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Bundle/Serialization/SigstoreBundleSerializer.cs
@@ -5,9 +5,10 @@
 // Description: JSON serialization for Sigstore bundles
 // -----------------------------------------------------------------------------

+
+using StellaOps.Attestor.Bundle.Models;
 using System.Text.Json;
 using System.Text.Json.Serialization;
-using StellaOps.Attestor.Bundle.Models;

 namespace StellaOps.Attestor.Bundle.Serialization;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Bundle/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Bundle/TASKS.md
@@ -8,3 +8,4 @@ Source of truth: `docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229
 | AUDIT-0045-M | DONE | Revalidated maintainability for StellaOps.Attestor.Bundle (2026-01-06). |
 | AUDIT-0045-T | DONE | Revalidated test coverage for StellaOps.Attestor.Bundle (2026-01-06). |
 | AUDIT-0045-A | TODO | Open findings from revalidation (verification time/trust roots/checkpoint validation). |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.Bundle/Verification/SigstoreBundleVerifier.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Bundle/Verification/SigstoreBundleVerifier.cs
@@ -5,14 +5,15 @@
 // Description: Offline verification of Sigstore bundles
 // -----------------------------------------------------------------------------

-using System.Security.Cryptography;
-using System.Security.Cryptography.X509Certificates;
-using System.Text;
-using System.Globalization;
+
 using Microsoft.Extensions.Logging;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Crypto.Signers;
 using StellaOps.Attestor.Bundle.Models;
+using System.Globalization;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+using System.Text;

 namespace StellaOps.Attestor.Bundle.Verification;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Bundling/Services/AttestationBundler.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Bundling/Services/AttestationBundler.cs
@@ -5,14 +5,15 @@
 // Description: Service implementation for creating attestation bundles
 // -----------------------------------------------------------------------------

-using System.Security.Cryptography;
-using System.Text;
+
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using StellaOps.Attestor.Bundling.Abstractions;
 using StellaOps.Attestor.Bundling.Configuration;
 using StellaOps.Attestor.Bundling.Models;
 using StellaOps.Attestor.ProofChain.Merkle;
+using System.Security.Cryptography;
+using System.Text;

 namespace StellaOps.Attestor.Bundling.Services;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Bundling/Signing/KmsOrgKeySigner.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Bundling/Signing/KmsOrgKeySigner.cs
@@ -5,12 +5,13 @@
 // Description: KMS-backed organization key signing for bundles
 // -----------------------------------------------------------------------------

-using System.Security.Cryptography;
-using System.Text;
+
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using StellaOps.Attestor.Bundling.Abstractions;
 using StellaOps.Attestor.Bundling.Models;
+using System.Security.Cryptography;
+using System.Text;

 namespace StellaOps.Attestor.Bundling.Signing;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Bundling/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Bundling/TASKS.md
@@ -8,3 +8,4 @@ Source of truth: `docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229
 | AUDIT-0047-M | DONE | Revalidated maintainability for StellaOps.Attestor.Bundling. |
 | AUDIT-0047-T | DONE | Revalidated test coverage for StellaOps.Attestor.Bundling. |
 | AUDIT-0047-A | TODO | Reopened on revalidation; address signing time determinism and offline export ordering/collision risks. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/ReleaseEvidencePackBuilder.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/ReleaseEvidencePackBuilder.cs
@@ -1,13 +1,14 @@
 // Copyright (c) StellaOps. All rights reserved.
 // Licensed under the BUSL-1.1 license.

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Attestor.EvidencePack.Models;
 using System.Collections.Immutable;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
 using System.Text.Json.Serialization;
-using Microsoft.Extensions.Logging;
-using StellaOps.Attestor.EvidencePack.Models;

 namespace StellaOps.Attestor.EvidencePack;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/ReleaseEvidencePackSerializer.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/ReleaseEvidencePackSerializer.cs
@@ -1,13 +1,14 @@
 // Copyright (c) StellaOps. All rights reserved.
 // Licensed under the BUSL-1.1 license.

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Attestor.EvidencePack.Models;
+using StellaOps.Attestor.EvidencePack.Services;
 using System.IO.Compression;
 using System.Reflection;
 using System.Text;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;
-using StellaOps.Attestor.EvidencePack.Models;
-using StellaOps.Attestor.EvidencePack.Services;

 namespace StellaOps.Attestor.EvidencePack;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/Services/ReplayLogSerializerContext.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/Services/ReplayLogSerializerContext.cs
@@ -1,8 +1,9 @@
 // Copyright (c) StellaOps. All rights reserved.
 // Licensed under the BUSL-1.1 license.

-using System.Text.Json.Serialization;
+
 using StellaOps.Attestor.EvidencePack.Models;
+using System.Text.Json.Serialization;

 namespace StellaOps.Attestor.EvidencePack.Services;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/Services/VerificationReplayLogBuilder.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/Services/VerificationReplayLogBuilder.cs
@@ -2,11 +2,12 @@
 // Licensed under the BUSL-1.1 license.
 // Advisory: Sealed Audit-Pack replay_log.json generation per EU CRA/NIS2 compliance

+
+using StellaOps.Attestor.EvidencePack.Models;
 using System.Collections.Immutable;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
-using StellaOps.Attestor.EvidencePack.Models;

 namespace StellaOps.Attestor.EvidencePack.Services;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/TASKS.md
@@ -0,0 +1,8 @@
+# StellaOps.Attestor.EvidencePack Task Board
+This board mirrors active sprint tasks for this module.
+Source of truth: `docs/implplan/SPRINT_20260130_002_Tools_csproj_remediation_solid_review.md`.
+
+| Task ID | Status | Notes |
+| --- | --- | --- |
+| REMED-05 | TODO | Remediation checklist: docs/implplan/audits/csproj-standards/remediation/checklists/src/Attestor/__Libraries/StellaOps.Attestor.EvidencePack/StellaOps.Attestor.EvidencePack.md. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.FixChain/FixChainAttestationService.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.FixChain/FixChainAttestationService.cs
@@ -1,11 +1,12 @@
 // Licensed under BUSL-1.1. Copyright (C) 2026 StellaOps Contributors.

+
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using System.Collections.Immutable;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;

 namespace StellaOps.Attestor.FixChain;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.FixChain/FixChainModels.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.FixChain/FixChainModels.cs
@@ -1,8 +1,9 @@
 // Licensed under BUSL-1.1. Copyright (C) 2026 StellaOps Contributors.

+
+using StellaOps.Attestor.ProofChain.Statements;
 using System.Collections.Immutable;
 using System.Text.Json.Serialization;
-using StellaOps.Attestor.ProofChain.Statements;

 namespace StellaOps.Attestor.FixChain;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.FixChain/FixChainStatementBuilder.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.FixChain/FixChainStatementBuilder.cs
@@ -1,13 +1,14 @@
 // Licensed under BUSL-1.1. Copyright (C) 2026 StellaOps Contributors.

+
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using StellaOps.Attestor.ProofChain.Statements;
 using System.Collections.Immutable;
 using System.Globalization;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;
-using StellaOps.Attestor.ProofChain.Statements;

 namespace StellaOps.Attestor.FixChain;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.FixChain/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.FixChain/TASKS.md
@@ -0,0 +1,8 @@
+# StellaOps.Attestor.FixChain Task Board
+This board mirrors active sprint tasks for this module.
+Source of truth: `docs/implplan/SPRINT_20260130_002_Tools_csproj_remediation_solid_review.md`.
+
+| Task ID | Status | Notes |
+| --- | --- | --- |
+| REMED-05 | TODO | Remediation checklist: docs/implplan/audits/csproj-standards/remediation/checklists/src/Attestor/__Libraries/StellaOps.Attestor.FixChain/StellaOps.Attestor.FixChain.md. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/GraphRootAttestor.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/GraphRootAttestor.cs
@@ -1,3 +1,17 @@
+
+// Type aliases to resolve naming conflicts with StellaOps.Attestor.DsseEnvelope/DsseSignature
+// Must use distinct names to avoid collision with types in StellaOps.Attestor namespace
+
+using EnvDsseEnvelope = StellaOps.Attestor.Envelope.DsseEnvelope;
+using EnvDsseSignature = StellaOps.Attestor.Envelope.DsseSignature;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using StellaOps.Attestor.Core.Rekor;
+using StellaOps.Attestor.Core.Submission;
+using StellaOps.Attestor.Envelope;
+using StellaOps.Attestor.GraphRoot.Models;
+using StellaOps.Canonical.Json;
+using SubmissionDsseSignature = StellaOps.Attestor.Core.Submission.AttestorSubmissionRequest.DsseSignature;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -7,19 +21,6 @@ using System.Text;
 using System.Text.Json;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;
-using StellaOps.Attestor.Core.Rekor;
-using StellaOps.Attestor.Core.Submission;
-using StellaOps.Attestor.Envelope;
-using StellaOps.Attestor.GraphRoot.Models;
-using StellaOps.Canonical.Json;
-
-// Type aliases to resolve naming conflicts with StellaOps.Attestor.DsseEnvelope/DsseSignature
-// Must use distinct names to avoid collision with types in StellaOps.Attestor namespace
-using EnvDsseEnvelope = StellaOps.Attestor.Envelope.DsseEnvelope;
-using EnvDsseSignature = StellaOps.Attestor.Envelope.DsseSignature;
-using SubmissionDsseSignature = StellaOps.Attestor.Core.Submission.AttestorSubmissionRequest.DsseSignature;

 namespace StellaOps.Attestor.GraphRoot;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/GraphRootAttestorOptions.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/GraphRootAttestorOptions.cs
@@ -1,5 +1,6 @@
-using System;
+
 using StellaOps.Attestor.Core.Rekor;
+using System;

 namespace StellaOps.Attestor.GraphRoot;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/GraphRootServiceCollectionExtensions.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/GraphRootServiceCollectionExtensions.cs
@@ -1,7 +1,8 @@
-using System;
+
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using StellaOps.Attestor.Envelope;
+using System;

 namespace StellaOps.Attestor.GraphRoot;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/IGraphRootAttestor.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/IGraphRootAttestor.cs
@@ -1,7 +1,8 @@
+
+using StellaOps.Attestor.GraphRoot.Models;
 using System.Collections.Generic;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Attestor.GraphRoot.Models;

 namespace StellaOps.Attestor.GraphRoot;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.GraphRoot/TASKS.md
@@ -8,3 +8,4 @@ Source of truth: `docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229
 | AUDIT-0053-M | DONE | Revalidated maintainability for StellaOps.Attestor.GraphRoot. |
 | AUDIT-0053-T | DONE | Revalidated test coverage for StellaOps.Attestor.GraphRoot. |
 | AUDIT-0053-A | DONE | Revalidated; no new issues. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.Oci/Services/OrasAttestationAttacher.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Oci/Services/OrasAttestationAttacher.cs
@@ -4,11 +4,12 @@
 // Task: Implement OCI registry attachment via ORAS
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Attestor.Envelope;
 using System.Globalization;
 using System.Security.Cryptography;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;
-using StellaOps.Attestor.Envelope;

 namespace StellaOps.Attestor.Oci.Services;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Oci/Services/SbomOciPublisher.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Oci/Services/SbomOciPublisher.cs
@@ -6,9 +6,10 @@
 //              supersede/overwrite semantics via version annotations.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
 using System.Globalization;
 using System.Security.Cryptography;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Attestor.Oci.Services;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Oci/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Oci/TASKS.md
@@ -9,3 +9,4 @@ Source of truth: `docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229
 | AUDIT-0056-T | DONE | Revalidated 2026-01-06. |
 | AUDIT-0056-A | TODO | Reopened after revalidation 2026-01-06. |
 | VAL-SMOKE-001 | DONE | Fixed build issue in Attestor OCI attacher. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.Offline/Services/FileSystemRootStore.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Offline/Services/FileSystemRootStore.cs
@@ -1,18 +1,19 @@
-// -----------------------------------------------------------------------------
+// -----------------------------------------------------------------------------
 // FileSystemRootStore.cs
 // Sprint: SPRINT_20251226_003_ATTESTOR_offline_verification
 // Task: 0004 - Implement FileSystemRootStore
 // Description: File-based root certificate store for offline verification
 // -----------------------------------------------------------------------------

-using System.Security.Cryptography;
-using System.Security.Cryptography.X509Certificates;
-using System.Text;
-using System.Text.Json;
+
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using StellaOps.Attestor.Envelope;
 using StellaOps.Attestor.Offline.Abstractions;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+using System.Text;
+using System.Text.Json;

 namespace StellaOps.Attestor.Offline.Services;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Offline/Services/OfflineVerifier.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Offline/Services/OfflineVerifier.cs
@@ -5,24 +5,25 @@
 // Description: Offline verification service for attestation bundles
 // -----------------------------------------------------------------------------

-using System.Security.Cryptography;
-using System.Security.Cryptography.X509Certificates;
-using System.Text;
-using System.Text.Json;
+
+// Alias to resolve ambiguity with Bundling.Abstractions.VerificationIssueSeverity
+
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Crypto.Signers;
 using Org.BouncyCastle.X509;
+using Severity = StellaOps.Attestor.Offline.Models.VerificationIssueSeverity;
 using StellaOps.Attestor.Bundling.Abstractions;
 using StellaOps.Attestor.Bundling.Models;
 using StellaOps.Attestor.Envelope;
 using StellaOps.Attestor.Offline.Abstractions;
 using StellaOps.Attestor.Offline.Models;
 using StellaOps.Attestor.ProofChain.Merkle;
-
-// Alias to resolve ambiguity with Bundling.Abstractions.VerificationIssueSeverity
-using Severity = StellaOps.Attestor.Offline.Models.VerificationIssueSeverity;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+using System.Text;
+using System.Text.Json;

 namespace StellaOps.Attestor.Offline.Services;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Offline/Services/RuleBundleSignatureVerifier.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Offline/Services/RuleBundleSignatureVerifier.cs
@@ -5,13 +5,14 @@
 // Description: Verifies rule bundle signatures offline
 // -----------------------------------------------------------------------------

-using System.Security.Cryptography;
-using System.Text;
-using System.Text.Json;
+
 using Microsoft.Extensions.Logging;
 using StellaOps.Attestor.Envelope;
 using StellaOps.Attestor.Offline.Abstractions;
 using StellaOps.Attestor.Offline.Models;
+using System.Security.Cryptography;
+using System.Text;
+using System.Text.Json;

 namespace StellaOps.Attestor.Offline.Services;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Offline/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Offline/TASKS.md
@@ -8,3 +8,4 @@ Source of truth: `docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229
 | AUDIT-0058-M | DONE | Revalidated 2026-01-06. |
 | AUDIT-0058-T | DONE | Revalidated 2026-01-06. |
 | AUDIT-0058-A | TODO | Reopened after revalidation 2026-01-06. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.Persistence/Repositories/IProofChainRepository.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Persistence/Repositories/IProofChainRepository.cs
@@ -1,8 +1,9 @@
+
+using StellaOps.Attestor.Persistence.Entities;
 using System;
 using System.Collections.Generic;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Attestor.Persistence.Entities;

 namespace StellaOps.Attestor.Persistence.Repositories;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Persistence/Services/TrustAnchorMatcher.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Persistence/Services/TrustAnchorMatcher.cs
@@ -1,7 +1,8 @@
-using System.Text.RegularExpressions;
+
 using Microsoft.Extensions.Logging;
 using StellaOps.Attestor.Persistence.Entities;
 using StellaOps.Attestor.Persistence.Repositories;
+using System.Text.RegularExpressions;

 namespace StellaOps.Attestor.Persistence.Services;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Persistence/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Persistence/TASKS.md
@@ -8,3 +8,4 @@ Source of truth: `docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229
 | AUDIT-0060-M | DONE | Revalidated 2026-01-06. |
 | AUDIT-0060-T | DONE | Revalidated 2026-01-06. |
 | AUDIT-0060-A | TODO | Reopened after revalidation 2026-01-06. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/AGENTS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/AGENTS.md
@@ -1,4 +1,4 @@
-# StellaOps.Attestor.ProofChain — Local Agent Charter
+# StellaOps.Attestor.ProofChain ??? Local Agent Charter

 ## Scope
 - This charter applies to `src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/**`.
@@ -9,7 +9,7 @@

 ## Required reading (treat as read before edits)
 - `docs/modules/attestor/architecture.md`
- `docs/product/advisories/14-Dec-2025 - Proof and Evidence Chain Technical Reference.md`
+- `docs-archived/product/advisories/2025-12-21-moat-gap-closure/14-Dec-2025 - Proof and Evidence Chain Technical Reference.md`
 - RFC 8785 (JSON Canonicalization Scheme)

 ## Working agreements
@@ -21,3 +21,4 @@
 - Every behavior change must be covered by tests under `src/Attestor/__Tests/StellaOps.Attestor.ProofChain.Tests`.
 - Include determinism tests (same inputs -> same IDs/hashes) and negative tests (invalid formats).

+
--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Assembly/IProofSpineAssembler.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Assembly/IProofSpineAssembler.cs
@@ -1,9 +1,10 @@
-using System.Collections.Generic;
-using System.Threading;
-using System.Threading.Tasks;
+
 using StellaOps.Attestor.ProofChain.Identifiers;
 using StellaOps.Attestor.ProofChain.Signing;
 using StellaOps.Attestor.ProofChain.Statements;
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;

 namespace StellaOps.Attestor.ProofChain.Assembly;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Audit/AuditHashLogger.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Audit/AuditHashLogger.cs
@@ -5,9 +5,10 @@
 // Description: Pre-canonical hash debug logging for audit trails
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
 using System.Security.Cryptography;
 using System.Text;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Attestor.ProofChain.Audit;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Builders/IStatementBuilder.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Builders/IStatementBuilder.cs
@@ -1,5 +1,6 @@
-using System.Collections.Generic;
+
 using StellaOps.Attestor.ProofChain.Statements;
+using System.Collections.Generic;

 namespace StellaOps.Attestor.ProofChain.Builders;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Builders/StatementBuilder.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Builders/StatementBuilder.cs
@@ -1,6 +1,7 @@
+
+using StellaOps.Attestor.ProofChain.Statements;
 using System.Collections.Generic;
 using System.Linq;
-using StellaOps.Attestor.ProofChain.Statements;

 namespace StellaOps.Attestor.ProofChain.Builders;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/ChangeTrace/ChangeTraceAttestationService.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/ChangeTrace/ChangeTraceAttestationService.cs
@@ -4,14 +4,15 @@
 // Description: Service for generating change trace DSSE attestations.
 // -----------------------------------------------------------------------------

-using System.Collections.Immutable;
+
+
+using ChangeTraceModel = StellaOps.Scanner.ChangeTrace.Models.ChangeTrace;
+using DsseEnvelope = StellaOps.Attestor.ProofChain.Signing.DsseEnvelope;
 using StellaOps.Attestor.ProofChain.Predicates;
 using StellaOps.Attestor.ProofChain.Signing;
 using StellaOps.Attestor.ProofChain.Statements;
 using StellaOps.Scanner.ChangeTrace.Models;
-
-using ChangeTraceModel = StellaOps.Scanner.ChangeTrace.Models.ChangeTrace;
-using DsseEnvelope = StellaOps.Attestor.ProofChain.Signing.DsseEnvelope;
+using System.Collections.Immutable;

 namespace StellaOps.Attestor.ProofChain.ChangeTrace;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Generators/BackportProofGenerator.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Generators/BackportProofGenerator.cs
@@ -1,12 +1,13 @@
-namespace StellaOps.Attestor.ProofChain.Generators;
-
-using System.Text;
-using System.Text.Json;
 using StellaOps.Attestor.ProofChain.Models;
 using StellaOps.Canonical.Json;
 using StellaOps.Concelier.SourceIntel;
 using StellaOps.Feedser.Core;
 using StellaOps.Feedser.Core.Models;
+using System.Text;
+using System.Text.Json;
+
+namespace StellaOps.Attestor.ProofChain.Generators;
+

 /// <summary>
 /// Generates ProofBlobs from multi-tier backport detection evidence.
--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Generators/BinaryFingerprintEvidenceGenerator.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Generators/BinaryFingerprintEvidenceGenerator.cs
@@ -4,11 +4,12 @@
 // Task: SCANINT-11 — Implement proof segment generation in Attestor
 // -----------------------------------------------------------------------------

-using System.Collections.Immutable;
-using System.Text.Json;
+
 using StellaOps.Attestor.ProofChain.Models;
 using StellaOps.Attestor.ProofChain.Predicates;
 using StellaOps.Canonical.Json;
+using System.Collections.Immutable;
+using System.Text.Json;

 namespace StellaOps.Attestor.ProofChain.Generators;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Generators/VexProofIntegrator.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Generators/VexProofIntegrator.cs
@@ -1,10 +1,11 @@
-namespace StellaOps.Attestor.ProofChain.Generators;
-
-using System.Text.Json;
-using System.Text.Json.Serialization;
 using StellaOps.Attestor.ProofChain.Models;
 using StellaOps.Attestor.ProofChain.Statements;
 using StellaOps.Canonical.Json;
+using System.Text.Json;
+using System.Text.Json.Serialization;
+
+namespace StellaOps.Attestor.ProofChain.Generators;
+

 /// <summary>
 /// Integrates ProofBlob evidence into VEX verdicts with proof_ref fields.
--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Identifiers/ContentAddressedId.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Identifiers/ContentAddressedId.cs
@@ -1,5 +1,6 @@
-using System;
+
 using StellaOps.Attestor.ProofChain.Internal;
+using System;

 namespace StellaOps.Attestor.ProofChain.Identifiers;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Identifiers/ContentAddressedIdGenerator.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Identifiers/ContentAddressedIdGenerator.cs
@@ -1,13 +1,14 @@
+
+using StellaOps.Attestor.ProofChain.Json;
+using StellaOps.Attestor.ProofChain.Merkle;
+using StellaOps.Attestor.ProofChain.Predicates;
+using StellaOps.Canonical.Json;
 using System;
 using System.Collections.Generic;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
 using System.Text.Json.Serialization;
-using StellaOps.Attestor.ProofChain.Json;
-using StellaOps.Attestor.ProofChain.Merkle;
-using StellaOps.Attestor.ProofChain.Predicates;
-using StellaOps.Canonical.Json;

 namespace StellaOps.Attestor.ProofChain.Identifiers;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Identifiers/GraphRevisionId.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Identifiers/GraphRevisionId.cs
@@ -1,5 +1,6 @@
-using System;
+
 using StellaOps.Attestor.ProofChain.Internal;
+using System;

 namespace StellaOps.Attestor.ProofChain.Identifiers;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Identifiers/IContentAddressedIdGenerator.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Identifiers/IContentAddressedIdGenerator.cs
@@ -1,7 +1,8 @@
-using System.Collections.Generic;
-using System;
+
 using StellaOps.Attestor.ProofChain.Identifiers;
 using StellaOps.Attestor.ProofChain.Predicates;
+using System;
+using System.Collections.Generic;

 namespace StellaOps.Attestor.ProofChain.Identifiers;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Identifiers/SbomEntryId.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Identifiers/SbomEntryId.cs
@@ -1,5 +1,6 @@
-using System;
+
 using StellaOps.Attestor.ProofChain.Internal;
+using System;

 namespace StellaOps.Attestor.ProofChain.Identifiers;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Json/IJsonSchemaValidator.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Json/IJsonSchemaValidator.cs
@@ -1,3 +1,4 @@
+
 using System.Text.Json;
 using System.Text.Json.Nodes;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Json/Rfc8785JsonCanonicalizer.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Json/Rfc8785JsonCanonicalizer.cs
@@ -1,3 +1,4 @@
+
 using System;
 using System.Buffers;
 using System.Collections.Generic;
--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Models/ProofBlob.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Models/ProofBlob.cs
@@ -1,6 +1,7 @@
+using System.Text.Json;
+
 namespace StellaOps.Attestor.ProofChain.Models;

-using System.Text.Json;

 /// <summary>
 /// Proof blob containing cryptographic evidence for a vulnerability verdict.
--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Pipeline/IProofChainPipeline.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Pipeline/IProofChainPipeline.cs
@@ -1,11 +1,12 @@
-using System;
-using System.Collections.Generic;
-using System.Threading;
-using System.Threading.Tasks;
+
 using StellaOps.Attestor.ProofChain.Identifiers;
 using StellaOps.Attestor.ProofChain.Receipts;
 using StellaOps.Attestor.ProofChain.Signing;
 using StellaOps.Attestor.ProofChain.Statements;
+using System;
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;

 namespace StellaOps.Attestor.ProofChain.Pipeline;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Predicates/PolicyDecisionPredicate.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Predicates/PolicyDecisionPredicate.cs
@@ -1,7 +1,8 @@
+
+using StellaOps.Attestor.ProofChain.Models;
 using System;
 using System.Collections.Generic;
 using System.Text.Json.Serialization;
-using StellaOps.Attestor.ProofChain.Models;

 namespace StellaOps.Attestor.ProofChain.Predicates;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/ProofHashing.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/ProofHashing.cs
@@ -1,8 +1,9 @@
-namespace StellaOps.Attestor.ProofChain;
-
 using StellaOps.Attestor.ProofChain.Models;
 using StellaOps.Canonical.Json;

+namespace StellaOps.Attestor.ProofChain;
+
+
 /// <summary>
 /// Utilities for computing canonical hashes of proof blobs.
 /// </summary>
--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Receipts/IReceiptGenerator.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Receipts/IReceiptGenerator.cs
@@ -1,8 +1,9 @@
+
+using StellaOps.Attestor.ProofChain.Identifiers;
 using System;
 using System.Collections.Generic;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Attestor.ProofChain.Identifiers;

 namespace StellaOps.Attestor.ProofChain.Receipts;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Replay/AIArtifactReplayManifest.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Replay/AIArtifactReplayManifest.cs
@@ -1,5 +1,6 @@
-using System.Text.Json.Serialization;
+
 using StellaOps.Attestor.ProofChain.Predicates.AI;
+using System.Text.Json.Serialization;

 namespace StellaOps.Attestor.ProofChain.Replay;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Sbom/CycloneDxSubjectExtractor.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Sbom/CycloneDxSubjectExtractor.cs
@@ -1,7 +1,8 @@
+
+using StellaOps.Attestor.ProofChain.Identifiers;
 using System;
 using System.Collections.Generic;
 using System.Text.Json;
-using StellaOps.Attestor.ProofChain.Identifiers;

 namespace StellaOps.Attestor.ProofChain.Sbom;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Sbom/ISbomSubjectExtractor.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Sbom/ISbomSubjectExtractor.cs
@@ -1,6 +1,7 @@
+
+using StellaOps.Attestor.ProofChain.Identifiers;
 using System;
 using System.Collections.Generic;
-using StellaOps.Attestor.ProofChain.Identifiers;

 namespace StellaOps.Attestor.ProofChain.Sbom;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Services/UnknownsAggregator.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Services/UnknownsAggregator.cs
@@ -1,10 +1,11 @@
+
+using StellaOps.Attestor.ProofChain.Models;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
-using StellaOps.Attestor.ProofChain.Models;

 namespace StellaOps.Attestor.ProofChain.Services;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Signing/IProofChainSigner.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Signing/IProofChainSigner.cs
@@ -1,8 +1,9 @@
+
+using StellaOps.Attestor.ProofChain.Statements;
 using System.Collections.Generic;
+using System.Text.Json.Serialization;
 using System.Threading;
 using System.Threading.Tasks;
-using System.Text.Json.Serialization;
-using StellaOps.Attestor.ProofChain.Statements;

 namespace StellaOps.Attestor.ProofChain.Signing;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Signing/ProofChainSigner.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Signing/ProofChainSigner.cs
@@ -1,3 +1,7 @@
+
+using StellaOps.Attestor.Envelope;
+using StellaOps.Attestor.ProofChain.Json;
+using StellaOps.Attestor.ProofChain.Statements;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -5,9 +9,6 @@ using System.Text.Json;
 using System.Text.Json.Serialization;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Attestor.Envelope;
-using StellaOps.Attestor.ProofChain.Json;
-using StellaOps.Attestor.ProofChain.Statements;

 namespace StellaOps.Attestor.ProofChain.Signing;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/AI/AIExplanationStatement.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/AI/AIExplanationStatement.cs
@@ -1,5 +1,6 @@
-using System.Text.Json.Serialization;
+
 using StellaOps.Attestor.ProofChain.Predicates.AI;
+using System.Text.Json.Serialization;

 namespace StellaOps.Attestor.ProofChain.Statements.AI;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/AI/AIPolicyDraftStatement.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/AI/AIPolicyDraftStatement.cs
@@ -1,5 +1,6 @@
-using System.Text.Json.Serialization;
+
 using StellaOps.Attestor.ProofChain.Predicates.AI;
+using System.Text.Json.Serialization;

 namespace StellaOps.Attestor.ProofChain.Statements.AI;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/AI/AIRemediationPlanStatement.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/AI/AIRemediationPlanStatement.cs
@@ -1,5 +1,6 @@
-using System.Text.Json.Serialization;
+
 using StellaOps.Attestor.ProofChain.Predicates.AI;
+using System.Text.Json.Serialization;

 namespace StellaOps.Attestor.ProofChain.Statements.AI;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/AI/AIVexDraftStatement.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/AI/AIVexDraftStatement.cs
@@ -1,5 +1,6 @@
-using System.Text.Json.Serialization;
+
 using StellaOps.Attestor.ProofChain.Predicates.AI;
+using System.Text.Json.Serialization;

 namespace StellaOps.Attestor.ProofChain.Statements.AI;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/BinaryMicroWitnessStatement.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/BinaryMicroWitnessStatement.cs
@@ -5,8 +5,9 @@
 // Description: In-toto statement wrapper for binary micro-witness predicates.
 // -----------------------------------------------------------------------------

-using System.Text.Json.Serialization;
+
 using StellaOps.Attestor.ProofChain.Predicates;
+using System.Text.Json.Serialization;

 namespace StellaOps.Attestor.ProofChain.Statements;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/ChangeTraceStatement.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/ChangeTraceStatement.cs
@@ -4,8 +4,9 @@
 // Description: In-toto statement for change trace attestations.
 // -----------------------------------------------------------------------------

-using System.Text.Json.Serialization;
+
 using StellaOps.Attestor.ProofChain.Predicates;
+using System.Text.Json.Serialization;

 namespace StellaOps.Attestor.ProofChain.Statements;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/DeltaVerdictStatement.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/DeltaVerdictStatement.cs
@@ -1,5 +1,6 @@
-using System.Text.Json.Serialization;
+
 using StellaOps.Attestor.ProofChain.Predicates;
+using System.Text.Json.Serialization;

 namespace StellaOps.Attestor.ProofChain.Statements;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/ReachabilitySubgraphStatement.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/ReachabilitySubgraphStatement.cs
@@ -1,5 +1,6 @@
-using System.Text.Json.Serialization;
+
 using StellaOps.Attestor.ProofChain.Predicates;
+using System.Text.Json.Serialization;

 namespace StellaOps.Attestor.ProofChain.Statements;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/VerdictReceiptStatement.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Statements/VerdictReceiptStatement.cs
@@ -1,6 +1,7 @@
+
+using StellaOps.Attestor.ProofChain.Models;
 using System;
 using System.Text.Json.Serialization;
-using StellaOps.Attestor.ProofChain.Models;

 namespace StellaOps.Attestor.ProofChain.Statements;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Verification/AIArtifactVerificationStep.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Verification/AIArtifactVerificationStep.cs
@@ -1,3 +1,7 @@
+
+using Microsoft.Extensions.Logging;
+using StellaOps.Attestor.ProofChain.MediaTypes;
+using StellaOps.Attestor.ProofChain.Predicates.AI;
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
@@ -7,9 +11,6 @@ using System.Text;
 using System.Text.Json;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using StellaOps.Attestor.ProofChain.Predicates.AI;
-using StellaOps.Attestor.ProofChain.MediaTypes;

 namespace StellaOps.Attestor.ProofChain.Verification;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Verification/IVerificationPipeline.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Verification/IVerificationPipeline.cs
@@ -1,9 +1,10 @@
+
+using StellaOps.Attestor.ProofChain.Identifiers;
+using StellaOps.Attestor.ProofChain.Receipts;
 using System;
 using System.Collections.Generic;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Attestor.ProofChain.Identifiers;
-using StellaOps.Attestor.ProofChain.Receipts;

 namespace StellaOps.Attestor.ProofChain.Verification;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Verification/VerificationPipeline.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.ProofChain/Verification/VerificationPipeline.cs
@@ -1,3 +1,9 @@
+
+
+
+using Microsoft.Extensions.Logging;
+using StellaOps.Attestor.ProofChain.Identifiers;
+using StellaOps.Attestor.ProofChain.Receipts;
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
@@ -7,11 +13,6 @@ using System.Text.Json;
 using System.Threading;
 using System.Threading.Tasks;

-using Microsoft.Extensions.Logging;
-
-using StellaOps.Attestor.ProofChain.Identifiers;
-using StellaOps.Attestor.ProofChain.Receipts;
-
 namespace StellaOps.Attestor.ProofChain.Verification;

 /// <summary>
--- a/src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/BuildAttestationMapper.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/BuildAttestationMapper.cs
@@ -2,9 +2,10 @@
 // Copyright (c) StellaOps. Licensed under the BUSL-1.1.
 // </copyright>

+
+using StellaOps.Spdx3.Model.Build;
 using System.Collections.Immutable;
 using System.Globalization;
-using StellaOps.Spdx3.Model.Build;

 namespace StellaOps.Attestor.Spdx3;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/BuildRelationshipBuilder.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/BuildRelationshipBuilder.cs
@@ -2,9 +2,10 @@
 // Copyright (c) StellaOps. Licensed under the BUSL-1.1.
 // </copyright>

-using System.Collections.Immutable;
+
 using StellaOps.Spdx3.Model;
 using StellaOps.Spdx3.Model.Build;
+using System.Collections.Immutable;

 namespace StellaOps.Attestor.Spdx3;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/CombinedDocumentBuilder.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/CombinedDocumentBuilder.cs
@@ -2,9 +2,10 @@
 // Copyright (c) StellaOps. Licensed under the BUSL-1.1.
 // </copyright>

-using System.Collections.Immutable;
+
 using StellaOps.Spdx3.Model;
 using StellaOps.Spdx3.Model.Build;
+using System.Collections.Immutable;

 namespace StellaOps.Attestor.Spdx3;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/DsseSpdx3Signer.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/DsseSpdx3Signer.cs
@@ -2,10 +2,11 @@
 // Copyright (c) StellaOps. Licensed under the BUSL-1.1.
 // </copyright>

-using System.Collections.Immutable;
-using System.Text;
+
 using StellaOps.Spdx3.Model;
 using StellaOps.Spdx3.Model.Build;
+using System.Collections.Immutable;
+using System.Text;

 namespace StellaOps.Attestor.Spdx3;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Spdx3/TASKS.md
@@ -8,3 +8,4 @@ Source of truth: `docs-archived/implplan/2025-12-29-csproj-audit/SPRINT_20251229
 | AUDIT-0848-M | DONE | Revalidated 2026-01-08. |
 | AUDIT-0848-T | DONE | Revalidated 2026-01-08. |
 | AUDIT-0848-A | TODO | Open findings; apply pending approval. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/AGENTS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/AGENTS.md
@@ -9,7 +9,7 @@

 ## Required reading (treat as read before edits)
 - `docs/modules/attestor/architecture.md`
- `docs/product/advisories/14-Dec-2025 - Proof and Evidence Chain Technical Reference.md`
+- `docs-archived/product/advisories/2025-12-21-moat-gap-closure/14-Dec-2025 - Proof and Evidence Chain Technical Reference.md`
 - RFC 8785 (JSON Canonicalization Scheme)
 - SPDX 3.0.1, CycloneDX 1.6/1.7, and SLSA provenance v1.0 references

@@ -22,3 +22,4 @@
 ## Testing expectations
 - Every behavior change must be covered by tests under `src/Attestor/__Tests/StellaOps.Attestor.StandardPredicates.Tests`.
 - Include numeric canonicalization edge cases, schema validation behavior, and SBOM hash determinism checks.
+
--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/BinaryDiff/BinaryDiffDsseSigner.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/BinaryDiff/BinaryDiffDsseSigner.cs
@@ -1,6 +1,7 @@
+
+using StellaOps.Attestor.Envelope;
 using System.Collections.Immutable;
 using System.Text;
-using StellaOps.Attestor.Envelope;

 namespace StellaOps.Attestor.StandardPredicates.BinaryDiff;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/BinaryDiff/BinaryDiffDsseVerifier.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/BinaryDiff/BinaryDiffDsseVerifier.cs
@@ -1,5 +1,6 @@
-using System.Text.Json;
+
 using StellaOps.Attestor.Envelope;
+using System.Text.Json;

 namespace StellaOps.Attestor.StandardPredicates.BinaryDiff;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/BinaryDiff/BinaryDiffPredicateBuilder.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/BinaryDiff/BinaryDiffPredicateBuilder.cs
@@ -1,5 +1,6 @@
-using System.Collections.Immutable;
+
 using Microsoft.Extensions.Options;
+using System.Collections.Immutable;

 namespace StellaOps.Attestor.StandardPredicates.BinaryDiff;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/BinaryDiff/BinaryDiffSchema.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/BinaryDiff/BinaryDiffSchema.cs
@@ -1,5 +1,6 @@
-using System.Text.Json;
+
 using Json.Schema;
+using System.Text.Json;

 namespace StellaOps.Attestor.StandardPredicates.BinaryDiff;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Canonicalization/SbomCanonicalizer.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Canonicalization/SbomCanonicalizer.cs
@@ -5,6 +5,7 @@
 // Description: SBOM canonicalization using RFC 8785
 // -----------------------------------------------------------------------------

+
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/JsonCanonicalizer.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/JsonCanonicalizer.cs
@@ -1,6 +1,7 @@
+
+using StellaOps.Attestor.ProofChain.Json;
 using System.Text;
 using System.Text.Json;
-using StellaOps.Attestor.ProofChain.Json;

 namespace StellaOps.Attestor.StandardPredicates;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Licensing/SpdxLicenseList.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Licensing/SpdxLicenseList.cs
@@ -1,4 +1,5 @@
-using System;
+
+using System;
 using System.Collections.Generic;
 using System.Collections.Immutable;
 using System.Linq;
--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Parsers/CycloneDxPredicateParser.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Parsers/CycloneDxPredicateParser.cs
@@ -1,9 +1,10 @@
+
+using Microsoft.Extensions.Logging;
 using System.Collections.Generic;
 using System.Globalization;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Attestor.StandardPredicates.Parsers;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Parsers/SlsaProvenancePredicateParser.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Parsers/SlsaProvenancePredicateParser.cs
@@ -1,7 +1,8 @@
+
+using Microsoft.Extensions.Logging;
 using System.Collections.Generic;
 using System.Globalization;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Attestor.StandardPredicates.Parsers;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Parsers/SpdxPredicateParser.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Parsers/SpdxPredicateParser.cs
@@ -1,8 +1,9 @@
+
+using Microsoft.Extensions.Logging;
 using System.Collections.Generic;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Attestor.StandardPredicates.Parsers;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Validation/SlsaSchemaValidator.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Validation/SlsaSchemaValidator.cs
@@ -1,11 +1,12 @@
 // Copyright (c) StellaOps. All rights reserved.
 // Licensed under the BUSL-1.1 license.

+
+using Microsoft.Extensions.Logging;
 using System.Collections.Immutable;
 using System.Globalization;
 using System.Text.Json;
 using System.Text.RegularExpressions;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Attestor.StandardPredicates.Validation;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/VexOverride/VexOverridePredicateBuilder.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/VexOverride/VexOverridePredicateBuilder.cs
@@ -4,6 +4,7 @@
 // Description: Builder for VEX override predicate payloads with DSSE envelope creation
 // -----------------------------------------------------------------------------

+
 using System.Collections.Immutable;
 using System.Globalization;
 using System.Text;
--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/VexOverride/VexOverridePredicateParser.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/VexOverride/VexOverridePredicateParser.cs
@@ -4,10 +4,11 @@
 // Description: Parser for VEX override predicate payloads
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
 using System.Collections.Immutable;
 using System.Globalization;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Attestor.StandardPredicates.VexOverride;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Writers/CycloneDxWriter.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Writers/CycloneDxWriter.cs
@@ -4,15 +4,16 @@
 // Task: TASK-015-001 - Implement CycloneDX 1.7 JSON Writer
 // Description: Deterministic CycloneDX writer for DSSE signing
 // -----------------------------------------------------------------------------
+
+using StellaOps.Attestor.StandardPredicates.Canonicalization;
+using StellaOps.Attestor.StandardPredicates.Models;
+using System.Collections.Immutable;
 using System.Globalization;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
 using System.Text.Json.Serialization;
 using System.Text.RegularExpressions;
-using System.Collections.Immutable;
-using StellaOps.Attestor.StandardPredicates.Canonicalization;
-using StellaOps.Attestor.StandardPredicates.Models;

 namespace StellaOps.Attestor.StandardPredicates.Writers;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Writers/SpdxWriter.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.StandardPredicates/Writers/SpdxWriter.cs
@@ -4,14 +4,15 @@
 // Task: TASK-014-001, TASK-014-002 - SPDX 3.0.1 Writer
 // Description: Deterministic SPDX 3.0.1 JSON-LD writer for DSSE signing
 // -----------------------------------------------------------------------------
+
+using StellaOps.Attestor.StandardPredicates.Canonicalization;
+using StellaOps.Attestor.StandardPredicates.Licensing;
+using StellaOps.Attestor.StandardPredicates.Models;
 using System.Collections.Immutable;
 using System.Globalization;
 using System.Security.Cryptography;
 using System.Text.Json;
 using System.Text.Json.Serialization;
-using StellaOps.Attestor.StandardPredicates.Canonicalization;
-using StellaOps.Attestor.StandardPredicates.Licensing;
-using StellaOps.Attestor.StandardPredicates.Models;

 namespace StellaOps.Attestor.StandardPredicates.Writers;

@@ -2664,6 +2665,7 @@ public sealed class SpdxWriter : ISbomWriter
        public required List<object> Graph { get; init; }

        [JsonPropertyName("spdxVersion")]
+        [JsonIgnore(Condition = JsonIgnoreCondition.Always)]
        public string? SpdxVersion { get; init; }

        [JsonIgnore]
--- a/src/Attestor/__Libraries/StellaOps.Attestor.Timestamping/AttestationTimestampService.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Timestamping/AttestationTimestampService.cs
@@ -5,11 +5,12 @@
 // Description: Service implementation for timestamping attestations.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using System.Diagnostics;
 using System.Diagnostics.Metrics;
 using System.Security.Cryptography;
-using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;

 namespace StellaOps.Attestor.Timestamping;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.Timestamping/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Timestamping/TASKS.md
@@ -9,3 +9,4 @@ Source of truth: `docs/implplan/SPRINT_20260119_010_Attestor_tst_integration.md`
 | ATT-003 | DONE | Added policy context docs and evaluator tests for timestamp assertions. |
 | ATT-006 | DONE | Added time correlation validator unit tests. |
 | TASK-029-002 | DONE | Bundle TSA chain + revocation data for offline verification. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.Timestamping/TimeCorrelationValidator.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.Timestamping/TimeCorrelationValidator.cs
@@ -5,8 +5,9 @@
 // Description: Implementation of time correlation validator.
 // -----------------------------------------------------------------------------

-using System.Diagnostics.Metrics;
+
 using Microsoft.Extensions.Logging;
+using System.Diagnostics.Metrics;

 namespace StellaOps.Attestor.Timestamping;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/SigstoreServiceMapLoader.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/SigstoreServiceMapLoader.cs
@@ -5,10 +5,11 @@
 // Description: Loads Sigstore service map from TUF repository
 // -----------------------------------------------------------------------------

-using System.Text.Json;
+
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using StellaOps.Attestor.TrustRepo.Models;
+using System.Text.Json;

 namespace StellaOps.Attestor.TrustRepo;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/TASKS.md
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/TASKS.md
@@ -0,0 +1,8 @@
+# StellaOps.Attestor.TrustRepo Task Board
+This board mirrors active sprint tasks for this module.
+Source of truth: `docs/implplan/SPRINT_20260130_002_Tools_csproj_remediation_solid_review.md`.
+
+| Task ID | Status | Notes |
+| --- | --- | --- |
+| REMED-05 | TODO | Remediation checklist: docs/implplan/audits/csproj-standards/remediation/checklists/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/StellaOps.Attestor.TrustRepo.md. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/TufClient.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/TufClient.cs
@@ -5,12 +5,13 @@
 // Description: TUF client implementation following TUF 1.0 specification
 // -----------------------------------------------------------------------------

-using System.Net.Http.Json;
-using System.Security.Cryptography;
-using System.Text.Json;
+
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using StellaOps.Attestor.TrustRepo.Models;
+using System.Net.Http.Json;
+using System.Security.Cryptography;
+using System.Text.Json;

 namespace StellaOps.Attestor.TrustRepo;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/TufKeyLoader.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/TufKeyLoader.cs
@@ -5,9 +5,10 @@
 // Description: Loads Rekor public keys from TUF targets
 // -----------------------------------------------------------------------------

-using System.Security.Cryptography;
+
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
+using System.Security.Cryptography;

 namespace StellaOps.Attestor.TrustRepo;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/TufMetadataStore.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/TufMetadataStore.cs
@@ -5,10 +5,11 @@
 // Description: Local cache for TUF metadata with atomic writes
 // -----------------------------------------------------------------------------

-using System.Security.Cryptography;
-using System.Text.Json;
+
 using Microsoft.Extensions.Logging;
 using StellaOps.Attestor.TrustRepo.Models;
+using System.Security.Cryptography;
+using System.Text.Json;

 namespace StellaOps.Attestor.TrustRepo;

--- a/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/TufMetadataVerifier.cs
+++ b/src/Attestor/__Libraries/StellaOps.Attestor.TrustRepo/TufMetadataVerifier.cs
@@ -5,11 +5,12 @@
 // Description: TUF metadata signature verification
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Attestor.TrustRepo.Models;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;
-using StellaOps.Attestor.TrustRepo.Models;

 namespace StellaOps.Attestor.TrustRepo;

--- a/Show More
+++ b/Show More