stabilize tests

2026-02-01 21:37:40 +02:00
parent 55744f6a39
commit 5d5e80b2e4
6435 changed files with 33984 additions and 13802 deletions
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/AGENTS.md
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/AGENTS.md
@@ -13,7 +13,7 @@ Deliver deterministic reachability analysis, slice generation, and evidence arti
 - `docs/modules/platform/architecture-overview.md`
 - `docs/modules/scanner/architecture.md`
 - `docs/modules/reach-graph/guides/DELIVERY_GUIDE.md`
- `docs/modules/reach-graph/guides/slice-schema.md`
+- `docs/modules/reach-graph/schemas/slice-schema.md`
 - `docs/modules/reach-graph/guides/replay-verification.md`

 ## Working Directory & Boundaries
@@ -34,3 +34,4 @@ Deliver deterministic reachability analysis, slice generation, and evidence arti
 ## Workflow
 - Update sprint status on task transitions.
 - Record decisions/risks in sprint Execution Log and Decisions & Risks.
+
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/AttestingRichGraphWriter.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/AttestingRichGraphWriter.cs
@@ -4,12 +4,13 @@
 // Description: RichGraphWriter wrapper that produces DSSE attestation alongside graph.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using System;
 using System.IO;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;

 namespace StellaOps.Scanner.Reachability.Attestation;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/GraphRootIntegration.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/GraphRootIntegration.cs
@@ -5,6 +5,12 @@
 // Description: Implementation bridging Scanner RichGraph to GraphRootAttestor.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using StellaOps.Attestor.Envelope;
+using StellaOps.Attestor.GraphRoot;
+using StellaOps.Attestor.GraphRoot.Models;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -12,11 +18,6 @@ using System.Security.Cryptography;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;
-using StellaOps.Attestor.Envelope;
-using StellaOps.Attestor.GraphRoot;
-using StellaOps.Attestor.GraphRoot.Models;

 namespace StellaOps.Scanner.Reachability.Attestation;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/GraphRootIntegrationServiceCollectionExtensions.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/GraphRootIntegrationServiceCollectionExtensions.cs
@@ -5,10 +5,11 @@
 // Description: DI registration for GraphRoot integration in Scanner.
 // -----------------------------------------------------------------------------

-using System;
+
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using StellaOps.Attestor.GraphRoot;
+using System;

 namespace StellaOps.Scanner.Reachability.Attestation;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/IGraphRootIntegration.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/IGraphRootIntegration.cs
@@ -5,9 +5,10 @@
 // Description: Integration service for GraphRootAttestor in Scanner pipeline.
 // -----------------------------------------------------------------------------

+
+using StellaOps.Attestor.GraphRoot.Models;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Attestor.GraphRoot.Models;

 namespace StellaOps.Scanner.Reachability.Attestation;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/ReachabilitySubgraphPublisher.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/ReachabilitySubgraphPublisher.cs
@@ -1,5 +1,4 @@
-using System.Security.Cryptography;
-using System.Text.Json;
+
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using StellaOps.Attestor.ProofChain.Predicates;
@@ -9,6 +8,8 @@ using StellaOps.Replay.Core;
 using StellaOps.Scanner.Cache.Abstractions;
 using StellaOps.Scanner.ProofSpine;
 using StellaOps.Scanner.Reachability.Subgraph;
+using System.Security.Cryptography;
+using System.Text.Json;

 namespace StellaOps.Scanner.Reachability.Attestation;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/ReachabilityWitnessDsseBuilder.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/ReachabilityWitnessDsseBuilder.cs
@@ -1,6 +1,7 @@
-using System.Text.Json.Serialization;
+
 using StellaOps.Cryptography;
 using StellaOps.Replay.Core;
+using System.Text.Json.Serialization;

 namespace StellaOps.Scanner.Reachability.Attestation;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/ReachabilityWitnessPublisher.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Attestation/ReachabilityWitnessPublisher.cs
@@ -1,14 +1,15 @@
-using System.Linq;
-using System.Security.Cryptography;
-using System.Text.Json;
-using StellaOps.Attestor.Core.Rekor;
-using StellaOps.Attestor.Core.Submission;
+
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
+using StellaOps.Attestor.Core.Rekor;
+using StellaOps.Attestor.Core.Submission;
 using StellaOps.Cryptography;
 using StellaOps.Replay.Core;
 using StellaOps.Scanner.Cache.Abstractions;
 using StellaOps.Scanner.ProofSpine;
+using System.Linq;
+using System.Security.Cryptography;
+using System.Text.Json;

 namespace StellaOps.Scanner.Reachability.Attestation;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Binary/BinaryPatchVerifier.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Binary/BinaryPatchVerifier.cs
@@ -2,14 +2,15 @@
 // Copyright (c) StellaOps
 // Sprint: EVID-001-004 - Binary Patch Verification Implementation

-using System.Collections.Concurrent;
-using System.Collections.Immutable;
-using System.Diagnostics;
+
 using Microsoft.Extensions.Logging;
 using StellaOps.BinaryIndex.Decompiler;
 using StellaOps.BinaryIndex.Ghidra;
 using StellaOps.Scanner.Explainability.Assumptions;
 using StellaOps.Scanner.Reachability.Stack;
+using System.Collections.Concurrent;
+using System.Collections.Immutable;
+using System.Diagnostics;

 namespace StellaOps.Scanner.Reachability.Binary;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/BoundaryExtractionContext.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/BoundaryExtractionContext.cs
@@ -4,9 +4,10 @@
 // Description: Context for boundary extraction with environment hints.
 // -----------------------------------------------------------------------------

+
+using StellaOps.Scanner.Reachability.Gates;
 using System;
 using System.Collections.Generic;
-using StellaOps.Scanner.Reachability.Gates;

 namespace StellaOps.Scanner.Reachability.Boundary;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/CompositeBoundaryExtractor.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/CompositeBoundaryExtractor.cs
@@ -4,13 +4,14 @@
 // Description: Composite extractor that aggregates results from multiple extractors.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Scanner.SmartDiff.Detection;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using StellaOps.Scanner.SmartDiff.Detection;

 namespace StellaOps.Scanner.Reachability.Boundary;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/GatewayBoundaryExtractor.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/GatewayBoundaryExtractor.cs
@@ -4,13 +4,14 @@
 // Description: Extracts boundary proof from API Gateway metadata.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Scanner.SmartDiff.Detection;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using StellaOps.Scanner.SmartDiff.Detection;

 namespace StellaOps.Scanner.Reachability.Boundary;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/IBoundaryProofExtractor.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/IBoundaryProofExtractor.cs
@@ -4,9 +4,10 @@
 // Description: Interface for extracting boundary proofs from various sources.
 // -----------------------------------------------------------------------------

+
+using StellaOps.Scanner.SmartDiff.Detection;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Scanner.SmartDiff.Detection;

 namespace StellaOps.Scanner.Reachability.Boundary;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/IacBoundaryExtractor.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/IacBoundaryExtractor.cs
@@ -4,13 +4,14 @@
 // Description: Extracts boundary proof from Infrastructure-as-Code metadata.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Scanner.SmartDiff.Detection;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using StellaOps.Scanner.SmartDiff.Detection;

 namespace StellaOps.Scanner.Reachability.Boundary;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/K8sBoundaryExtractor.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/K8sBoundaryExtractor.cs
@@ -4,13 +4,14 @@
 // Description: Extracts boundary proof from Kubernetes metadata.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Scanner.SmartDiff.Detection;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using StellaOps.Scanner.SmartDiff.Detection;

 namespace StellaOps.Scanner.Reachability.Boundary;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/RichGraphBoundaryExtractor.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Boundary/RichGraphBoundaryExtractor.cs
@@ -4,14 +4,15 @@
 // Description: Extracts boundary proof from RichGraph roots and node annotations.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Scanner.Reachability.Gates;
+using StellaOps.Scanner.SmartDiff.Detection;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using StellaOps.Scanner.Reachability.Gates;
-using StellaOps.Scanner.SmartDiff.Detection;

 namespace StellaOps.Scanner.Reachability.Boundary;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/GraphDeltaComputer.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/GraphDeltaComputer.cs
@@ -4,12 +4,13 @@
 // Description: Implementation of graph delta computation.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Scanner.Reachability.Cache;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/ImpactSetCalculator.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/ImpactSetCalculator.cs
@@ -4,12 +4,13 @@
 // Description: Calculates which entry/sink pairs are affected by graph changes.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Scanner.Reachability.Cache;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/IncrementalReachabilityService.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/IncrementalReachabilityService.cs
@@ -4,13 +4,14 @@
 // Description: Orchestrates incremental reachability analysis with caching.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Scanner.Reachability.Cache;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/PostgresReachabilityCache.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/PostgresReachabilityCache.cs
@@ -4,13 +4,14 @@
 // Description: PostgreSQL implementation of IReachabilityCache.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using Npgsql;
 using System;
 using System.Collections.Generic;
 using System.Data;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using Npgsql;

 namespace StellaOps.Scanner.Reachability.Cache;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/PrReachabilityGate.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/PrReachabilityGate.cs
@@ -4,13 +4,14 @@
 // Description: Evaluates incremental reachability results for PR gate decisions.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using System;
 using System.Collections.Generic;
 using System.Globalization;
 using System.Linq;
 using System.Text;
-using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Options;

 namespace StellaOps.Scanner.Reachability.Cache;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/StateFlipDetector.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Cache/StateFlipDetector.cs
@@ -4,12 +4,13 @@
 // Description: Detects reachability state changes between scans.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Scanner.Reachability.Cache;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/CodeId.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/CodeId.cs
@@ -1,3 +1,4 @@
+
 using System;
 using System.Security.Cryptography;
 using System.Text;
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/CodeIdBuilder.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/CodeIdBuilder.cs
@@ -1,6 +1,7 @@
+
+using StellaOps.Cryptography;
 using System;
 using System.Text;
-using StellaOps.Cryptography;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/ConditionalReachabilityAnalyzer.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/ConditionalReachabilityAnalyzer.cs
@@ -1,6 +1,7 @@
+
+using StellaOps.Concelier.SbomIntegration.Models;
 using System.Collections.Immutable;
 using System.Linq;
-using StellaOps.Concelier.SbomIntegration.Models;

 namespace StellaOps.Scanner.Reachability.Dependencies;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/DependencyGraphBuilder.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/DependencyGraphBuilder.cs
@@ -1,5 +1,6 @@
-using System.Collections.Immutable;
+
 using StellaOps.Concelier.SbomIntegration.Models;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Dependencies;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/DependencyReachabilityModels.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/DependencyReachabilityModels.cs
@@ -1,5 +1,6 @@
-using System.Collections.Immutable;
+
 using StellaOps.Concelier.SbomIntegration.Models;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Dependencies;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/EntryPointDetector.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/EntryPointDetector.cs
@@ -1,5 +1,6 @@
-using System.Collections.Immutable;
+
 using StellaOps.Concelier.SbomIntegration.Models;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Dependencies;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/ReachGraphReachabilityCombiner.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/ReachGraphReachabilityCombiner.cs
@@ -1,6 +1,7 @@
-using System.Collections.Immutable;
+
 using StellaOps.Concelier.SbomIntegration.Models;
 using StellaOps.Scanner.Reachability;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Dependencies;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/ReachabilityPolicyLoader.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/ReachabilityPolicyLoader.cs
@@ -1,3 +1,4 @@
+
 using System.Text;
 using System.Text.Json;
 using System.Text.Json.Serialization;
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/Reporting/DependencyReachabilityReporter.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/Reporting/DependencyReachabilityReporter.cs
@@ -1,8 +1,9 @@
-using System.Collections.Immutable;
-using System.Text;
+
 using StellaOps.Concelier.SbomIntegration.Models;
 using StellaOps.Scanner.Sarif;
 using StellaOps.Scanner.Sarif.Models;
+using System.Collections.Immutable;
+using System.Text;

 namespace StellaOps.Scanner.Reachability.Dependencies.Reporting;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/StaticReachabilityAnalyzer.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/StaticReachabilityAnalyzer.cs
@@ -1,5 +1,6 @@
-using System.Collections.Immutable;
+
 using StellaOps.Concelier.SbomIntegration.Models;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Dependencies;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/VulnerabilityReachabilityFilter.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Dependencies/VulnerabilityReachabilityFilter.cs
@@ -1,5 +1,6 @@
-using System.Collections.Immutable;
+
 using StellaOps.Concelier.SbomIntegration.Models;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Dependencies;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/EdgeBundlePublisher.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/EdgeBundlePublisher.cs
@@ -1,3 +1,5 @@
+
+using StellaOps.Scanner.Cache.Abstractions;
 using System;
 using System.Globalization;
 using System.IO;
@@ -6,7 +8,6 @@ using System.Text;
 using System.Text.Json;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Scanner.Cache.Abstractions;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Explanation/PathExplanationModels.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Explanation/PathExplanationModels.cs
@@ -4,10 +4,11 @@
 // Description: Models for explained reachability paths with gate information.
 // -----------------------------------------------------------------------------

+
+using StellaOps.Scanner.Reachability.Gates;
 using System;
 using System.Collections.Generic;
 using System.Text.Json.Serialization;
-using StellaOps.Scanner.Reachability.Gates;

 namespace StellaOps.Scanner.Reachability.Explanation;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Explanation/PathExplanationService.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Explanation/PathExplanationService.cs
@@ -4,14 +4,15 @@
 // Description: Service for reconstructing and explaining reachability paths.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Scanner.Reachability.Gates;
 using System;
 using System.Collections.Generic;
 using System.Globalization;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;
-using StellaOps.Scanner.Reachability.Gates;

 namespace StellaOps.Scanner.Reachability.Explanation;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Explanation/PathRenderer.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Explanation/PathRenderer.cs
@@ -4,13 +4,14 @@
 // Description: Renders explained paths in various output formats.
 // -----------------------------------------------------------------------------

+
+using StellaOps.Scanner.Reachability.Gates;
 using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Text;
 using System.Text.Json;
 using System.Text.Json.Serialization;
-using StellaOps.Scanner.Reachability.Gates;

 namespace StellaOps.Scanner.Reachability.Explanation;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/FunctionMap/FunctionMapGenerator.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/FunctionMap/FunctionMapGenerator.cs
@@ -3,13 +3,14 @@
 // Sprint: SPRINT_20260122_039_Scanner_runtime_linkage_verification
 // Task: RLV-002 - Implement FunctionMapGenerator

+
+using Microsoft.Extensions.Logging;
+using StellaOps.Concelier.SbomIntegration.Models;
+using StellaOps.Concelier.SbomIntegration.Parsing;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
 using System.Text.RegularExpressions;
-using Microsoft.Extensions.Logging;
-using StellaOps.Concelier.SbomIntegration.Parsing;
-using StellaOps.Concelier.SbomIntegration.Models;

 namespace StellaOps.Scanner.Reachability.FunctionMap;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/FunctionMap/ObservationStore/PostgresRuntimeObservationStore.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/FunctionMap/ObservationStore/PostgresRuntimeObservationStore.cs
@@ -3,11 +3,12 @@
 // Sprint: SPRINT_20260122_039_Scanner_runtime_linkage_verification
 // Task: RLV-005 - Implement Runtime Observation Store

-using System.Text;
+
 using Microsoft.Extensions.Logging;
 using Npgsql;
 using NpgsqlTypes;
 using StellaOps.Scanner.Reachability.FunctionMap.Verification;
+using System.Text;

 namespace StellaOps.Scanner.Reachability.FunctionMap.ObservationStore;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/FunctionMap/Verification/ClaimVerifier.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/FunctionMap/Verification/ClaimVerifier.cs
@@ -3,10 +3,11 @@
 // Sprint: SPRINT_20260122_039_Scanner_runtime_linkage_verification
 // Task: RLV-003 - Implement IClaimVerifier

+
+using Microsoft.Extensions.Logging;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Scanner.Reachability.FunctionMap.Verification;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Gates/Detectors/FileSystemCodeContentProvider.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Gates/Detectors/FileSystemCodeContentProvider.cs
@@ -1,3 +1,4 @@
+
 using System;
 using System.Collections.Generic;
 using System.IO;
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Gates/RichGraphGateAnnotator.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Gates/RichGraphGateAnnotator.cs
@@ -1,8 +1,9 @@
+
+using GateDetectors = StellaOps.Scanner.Reachability.Gates.Detectors;
+using Microsoft.Extensions.Logging;
 using System.Collections.Generic;
 using System.Linq;
 using System.Text.Json;
-using Microsoft.Extensions.Logging;
-using GateDetectors = StellaOps.Scanner.Reachability.Gates.Detectors;

 namespace StellaOps.Scanner.Reachability.Gates;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Jobs/ReachabilityEvidenceJobExecutor.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Jobs/ReachabilityEvidenceJobExecutor.cs
@@ -2,23 +2,24 @@
 // Copyright (c) StellaOps
 // Sprint: EVID-001-002 - Reachability Evidence Job Executor

-using System.Collections.Immutable;
-using System.Diagnostics;
-using System.Globalization;
+
+// Aliases to disambiguate types with same name in different namespaces
+
+using BinaryVulnerableSymbol = StellaOps.Scanner.Reachability.Binary.VulnerableSymbol;
 using Microsoft.Extensions.Logging;
+using StackCallPath = StellaOps.Scanner.Reachability.Stack.CallPath;
+using StackEntrypointType = StellaOps.Scanner.Reachability.Stack.EntrypointType;
+using StackVulnerableSymbol = StellaOps.Scanner.Reachability.Stack.VulnerableSymbol;
+using StellaOps.Determinism;
 using StellaOps.Scanner.CallGraph;
 using StellaOps.Scanner.Explainability.Assumptions;
 using StellaOps.Scanner.Reachability.Binary;
 using StellaOps.Scanner.Reachability.Runtime;
 using StellaOps.Scanner.Reachability.Services;
 using StellaOps.Scanner.Reachability.Stack;
-using StellaOps.Determinism;
-
-// Aliases to disambiguate types with same name in different namespaces
-using StackEntrypointType = StellaOps.Scanner.Reachability.Stack.EntrypointType;
-using StackVulnerableSymbol = StellaOps.Scanner.Reachability.Stack.VulnerableSymbol;
-using BinaryVulnerableSymbol = StellaOps.Scanner.Reachability.Binary.VulnerableSymbol;
-using StackCallPath = StellaOps.Scanner.Reachability.Stack.CallPath;
+using System.Collections.Immutable;
+using System.Diagnostics;
+using System.Globalization;

 namespace StellaOps.Scanner.Reachability.Jobs;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Layer1/ILayer1Analyzer.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Layer1/ILayer1Analyzer.cs
@@ -1,8 +1,9 @@
 // SPDX-License-Identifier: BUSL-1.1
 // Copyright (c) StellaOps

-using System.Collections.Immutable;
+
 using StellaOps.Scanner.Reachability.Stack;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Layer1;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Layer2/ILayer2Analyzer.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Layer2/ILayer2Analyzer.cs
@@ -1,8 +1,9 @@
 // SPDX-License-Identifier: BUSL-1.1
 // Copyright (c) StellaOps

-using System.Collections.Immutable;
+
 using StellaOps.Scanner.Reachability.Stack;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Layer2;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Layer3/ILayer3Analyzer.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Layer3/ILayer3Analyzer.cs
@@ -1,8 +1,9 @@
 // SPDX-License-Identifier: BUSL-1.1
 // Copyright (c) StellaOps

-using System.Collections.Immutable;
+
 using StellaOps.Scanner.Reachability.Stack;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Layer3;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Lifters/BinaryReachabilityLifter.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Lifters/BinaryReachabilityLifter.cs
@@ -1,3 +1,5 @@
+
+using StellaOps.Scanner.Analyzers.Native;
 using System;
 using System.Buffers.Binary;
 using System.Collections.Generic;
@@ -7,7 +9,6 @@ using System.Security.Cryptography;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Scanner.Analyzers.Native;

 namespace StellaOps.Scanner.Reachability.Lifters;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Lifters/DotNetReachabilityLifter.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Lifters/DotNetReachabilityLifter.cs
@@ -1,3 +1,4 @@
+
 using System;
 using System.Collections.Generic;
 using System.IO;
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Lifters/NodeReachabilityLifter.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Lifters/NodeReachabilityLifter.cs
@@ -1,3 +1,4 @@
+
 using System;
 using System.Collections.Generic;
 using System.IO;
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityGraphBuilder.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityGraphBuilder.cs
@@ -1,3 +1,4 @@
+
 using System;
 using System.Collections.Generic;
 using System.Collections.Immutable;
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityReplayWriter.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityReplayWriter.cs
@@ -1,7 +1,8 @@
+
+using StellaOps.Replay.Core;
 using System;
 using System.Collections.Generic;
 using System.Linq;
-using StellaOps.Replay.Core;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityRichGraphPublisher.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityRichGraphPublisher.cs
@@ -1,3 +1,5 @@
+
+using StellaOps.Scanner.Cache.Abstractions;
 using System;
 using System.IO;
 using System.Security.Cryptography;
@@ -5,7 +7,6 @@ using System.Text;
 using System.Text.Json;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Scanner.Cache.Abstractions;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityRichGraphPublisherService.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityRichGraphPublisherService.cs
@@ -1,10 +1,11 @@
+
+using StellaOps.Scanner.Cache.Abstractions;
+using StellaOps.Scanner.Reachability.Gates;
+using StellaOps.Scanner.Surface.Env;
 using System;
 using System.IO;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Scanner.Cache.Abstractions;
-using StellaOps.Scanner.Surface.Env;
-using StellaOps.Scanner.Reachability.Gates;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityUnionPublisher.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityUnionPublisher.cs
@@ -1,3 +1,5 @@
+
+using StellaOps.Scanner.Cache.Abstractions;
 using System;
 using System.IO;
 using System.IO.Compression;
@@ -5,7 +7,6 @@ using System.Linq;
 using System.Security.Cryptography;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Scanner.Cache.Abstractions;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityUnionPublisherService.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityUnionPublisherService.cs
@@ -1,9 +1,10 @@
+
+using StellaOps.Scanner.Cache.Abstractions;
+using StellaOps.Scanner.Surface.Env;
 using System;
 using System.IO;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Scanner.Cache.Abstractions;
-using StellaOps.Scanner.Surface.Env;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityUnionWriter.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/ReachabilityUnionWriter.cs
@@ -1,3 +1,4 @@
+
 using System;
 using System.Collections.Generic;
 using System.Collections.Immutable;
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/RichGraph.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/RichGraph.cs
@@ -1,9 +1,10 @@
+
+using StellaOps.Scanner.Reachability.Gates;
 using System;
 using System.Collections.Generic;
 using System.Collections.Immutable;
 using System.Linq;
 using System.Security.Cryptography;
-using StellaOps.Scanner.Reachability.Gates;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/RichGraphExtensions.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/RichGraphExtensions.cs
@@ -1,6 +1,7 @@
+
+using StellaOps.Scanner.Reachability.Ordering;
 using System.Text.Json;
 using System.Text.Json.Serialization;
-using StellaOps.Scanner.Reachability.Ordering;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/RichGraphReader.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/RichGraphReader.cs
@@ -1,6 +1,7 @@
+
+using StellaOps.Scanner.Reachability.Gates;
 using System.Text.Json;
 using System.Text.Json.Serialization;
-using StellaOps.Scanner.Reachability.Gates;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/RichGraphWriter.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/RichGraphWriter.cs
@@ -1,11 +1,12 @@
+
+using StellaOps.Cryptography;
+using StellaOps.Scanner.Reachability.Gates;
 using System;
 using System.IO;
 using System.Text.Encodings.Web;
 using System.Text.Json;
 using System.Threading;
 using System.Threading.Tasks;
-using StellaOps.Cryptography;
-using StellaOps.Scanner.Reachability.Gates;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Runtime/EbpfRuntimeReachabilityCollector.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Runtime/EbpfRuntimeReachabilityCollector.cs
@@ -2,13 +2,14 @@
 // Copyright (c) StellaOps
 // Sprint: EVID-001-004 - eBPF Runtime Reachability Collector

-using System.Collections.Immutable;
-using System.Runtime.InteropServices;
+
 using Microsoft.Extensions.Logging;
 using StellaOps.Scanner.Explainability.Assumptions;
 using StellaOps.Scanner.Reachability.Stack;
 using StellaOps.Signals.Ebpf.Schema;
 using StellaOps.Signals.Ebpf.Services;
+using System.Collections.Immutable;
+using System.Runtime.InteropServices;

 namespace StellaOps.Scanner.Reachability.Runtime;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Runtime/EbpfSignalMerger.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Runtime/EbpfSignalMerger.cs
@@ -2,12 +2,13 @@
 // SPDX-License-Identifier: BUSL-1.1
 // </copyright>

-namespace StellaOps.Scanner.Reachability.Runtime;
-
-using System.Collections.Immutable;
 using Microsoft.Extensions.Logging;
 using StellaOps.Scanner.Reachability.Slices;
 using StellaOps.Signals.Ebpf.Schema;
+using System.Collections.Immutable;
+
+namespace StellaOps.Scanner.Reachability.Runtime;
+

 /// <summary>
 /// Merges eBPF runtime signals with static reachability analysis.
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Runtime/RuntimeStaticMerger.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Runtime/RuntimeStaticMerger.cs
@@ -1,7 +1,8 @@
-using System.Collections.Immutable;
+
 using Microsoft.Extensions.Logging;
 using StellaOps.Scanner.Core;
 using StellaOps.Scanner.Reachability.Slices;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Runtime;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Services/PostgresCveSymbolMappingRepository.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Services/PostgresCveSymbolMappingRepository.cs
@@ -2,9 +2,10 @@
 // Copyright (c) StellaOps
 // Sprint: EVID-001-001 - CVE-Symbol Mapping Repository

-using System.Data;
+
 using Microsoft.Extensions.Logging;
 using Npgsql;
+using System.Data;

 namespace StellaOps.Scanner.Reachability.Services;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/InMemorySliceCache.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/InMemorySliceCache.cs
@@ -1,5 +1,6 @@
-using System.Collections.Concurrent;
+
 using Microsoft.Extensions.Logging;
+using System.Collections.Concurrent;

 namespace StellaOps.Scanner.Reachability.Slices;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/ObservedPathSliceGenerator.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/ObservedPathSliceGenerator.cs
@@ -1,7 +1,8 @@
-using System.Collections.Immutable;
+
 using Microsoft.Extensions.Logging;
 using StellaOps.Scanner.Core;
 using StellaOps.Scanner.Reachability.Runtime;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Slices;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/SliceCache.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/SliceCache.cs
@@ -1,5 +1,6 @@
-using System.Collections.Concurrent;
+
 using Microsoft.Extensions.Options;
+using System.Collections.Concurrent;

 namespace StellaOps.Scanner.Reachability.Slices;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/SliceDiffComputer.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/SliceDiffComputer.cs
@@ -1,3 +1,4 @@
+
 using System.Collections.Immutable;
 using System.Security.Cryptography;
 using System.Text;
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/SliceExtractor.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/SliceExtractor.cs
@@ -1,6 +1,7 @@
-using System.Collections.Immutable;
+
 using StellaOps.Scanner.Core;
 using StellaOps.Scanner.Reachability.Gates;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Slices;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/SliceModels.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Slices/SliceModels.cs
@@ -1,7 +1,8 @@
+
+using StellaOps.Scanner.Core;
 using System.Collections.Immutable;
 using System.Text.Json;
 using System.Text.Json.Serialization;
-using StellaOps.Scanner.Core;

 namespace StellaOps.Scanner.Reachability.Slices;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Stack/ReachabilityResultFactory.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Stack/ReachabilityResultFactory.cs
@@ -6,10 +6,11 @@
 //              SuppressionWitnessBuilder with ReachabilityStack evaluation.
 // -----------------------------------------------------------------------------

-using System.Collections.Immutable;
+
 using Microsoft.Extensions.Logging;
 using StellaOps.Scanner.Explainability.Assumptions;
 using StellaOps.Scanner.Reachability.Witnesses;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Stack;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Stack/ReachabilityStack.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Stack/ReachabilityStack.cs
@@ -1,8 +1,9 @@
 // SPDX-License-Identifier: BUSL-1.1
 // Copyright (c) StellaOps

-using System.Collections.Immutable;
+
 using StellaOps.Scanner.Explainability.Assumptions;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Stack;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Stack/ReachabilityStackEvaluator.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Stack/ReachabilityStackEvaluator.cs
@@ -1,10 +1,11 @@
 // SPDX-License-Identifier: BUSL-1.1
 // Copyright (c) StellaOps

-using System.Globalization;
-using System.Text;
+
 using StellaOps.Determinism;
 using StellaOps.Scanner.Explainability.Assumptions;
+using System.Globalization;
+using System.Text;

 namespace StellaOps.Scanner.Reachability.Stack;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Subgraph/ReachabilitySubgraphExtractor.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Subgraph/ReachabilitySubgraphExtractor.cs
@@ -1,5 +1,6 @@
-using System.Collections.Immutable;
+
 using StellaOps.Scanner.Reachability.Gates;
+using System.Collections.Immutable;

 namespace StellaOps.Scanner.Reachability.Subgraph;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Subgraph/ReachabilitySubgraphModels.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Subgraph/ReachabilitySubgraphModels.cs
@@ -1,6 +1,7 @@
-using System.Collections.Immutable;
-using System.Text.Json.Serialization;
+
 using StellaOps.Scanner.Reachability.Gates;
+using System.Collections.Immutable;
+using System.Text.Json.Serialization;

 namespace StellaOps.Scanner.Reachability.Subgraph;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/SubgraphExtractor.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/SubgraphExtractor.cs
@@ -1,10 +1,11 @@
 // Copyright (c) StellaOps. Licensed under BUSL-1.1.

-using System.Collections.Concurrent;
-using System.Globalization;
+
 using Microsoft.Extensions.Logging;
 using StellaOps.Attestor;
 using StellaOps.Determinism;
+using System.Collections.Concurrent;
+using System.Globalization;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Surfaces/SurfaceAwareReachabilityAnalyzer.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Surfaces/SurfaceAwareReachabilityAnalyzer.cs
@@ -4,13 +4,14 @@
 // Description: Reachability analyzer that uses vulnerability surfaces for precise sink resolution.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Logging;
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Scanner.Reachability.Surfaces;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Surfaces/SurfaceQueryService.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Surfaces/SurfaceQueryService.cs
@@ -4,14 +4,15 @@
 // Description: Implementation of vulnerability surface query service.
 // -----------------------------------------------------------------------------

+
+using Microsoft.Extensions.Caching.Memory;
+using Microsoft.Extensions.Logging;
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.Extensions.Caching.Memory;
-using Microsoft.Extensions.Logging;

 namespace StellaOps.Scanner.Reachability.Surfaces;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/SymbolIdBuilder.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/SymbolIdBuilder.cs
@@ -1,6 +1,7 @@
+
+using StellaOps.Cryptography;
 using System;
 using System.Text;
-using StellaOps.Cryptography;

 namespace StellaOps.Scanner.Reachability;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/TASKS.md
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/TASKS.md
@@ -0,0 +1,8 @@
+# StellaOps.Scanner.Reachability Task Board
+This board mirrors active sprint tasks for this module.
+Source of truth: `docs/implplan/SPRINT_20260130_002_Tools_csproj_remediation_solid_review.md`.
+
+| Task ID | Status | Notes |
+| --- | --- | --- |
+| REMED-05 | TODO | Remediation checklist: docs/implplan/audits/csproj-standards/remediation/checklists/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/StellaOps.Scanner.Reachability.md. |
+| REMED-06 | DONE | SOLID review notes captured for SPRINT_20260130_002. |
--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Vex/VexStatusDeterminer.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Vex/VexStatusDeterminer.cs
@@ -2,8 +2,9 @@
 // Copyright (c) StellaOps
 // Sprint: EVID-001-003 - VEX Status Determiner Implementation

-using System.Text;
+
 using StellaOps.Scanner.Reachability.Stack;
+using System.Text;

 namespace StellaOps.Scanner.Reachability.Vex;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/PathWitnessBuilder.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/PathWitnessBuilder.cs
@@ -1,9 +1,10 @@
+
+using StellaOps.Cryptography;
+using StellaOps.Scanner.Reachability.Gates;
 using System.Runtime.CompilerServices;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
-using StellaOps.Cryptography;
-using StellaOps.Scanner.Reachability.Gates;

 namespace StellaOps.Scanner.Reachability.Witnesses;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/SuppressionDsseSigner.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/SuppressionDsseSigner.cs
@@ -1,8 +1,9 @@
+
+using StellaOps.Attestor.Envelope;
+using StellaOps.Canonical.Json;
 using System.Text.Encodings.Web;
 using System.Text.Json;
 using System.Text.Json.Serialization;
-using StellaOps.Attestor.Envelope;
-using StellaOps.Canonical.Json;

 namespace StellaOps.Scanner.Reachability.Witnesses;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/SuppressionWitnessBuilder.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/SuppressionWitnessBuilder.cs
@@ -1,7 +1,8 @@
+
+using StellaOps.Cryptography;
 using System.Security.Cryptography;
 using System.Text;
 using System.Text.Json;
-using StellaOps.Cryptography;

 namespace StellaOps.Scanner.Reachability.Witnesses;

--- a/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/WitnessDsseSigner.cs
+++ b/src/Scanner/__Libraries/StellaOps.Scanner.Reachability/Witnesses/WitnessDsseSigner.cs
@@ -1,8 +1,9 @@
+
+using StellaOps.Attestor.Envelope;
+using StellaOps.Canonical.Json;
 using System.Text.Encodings.Web;
 using System.Text.Json;
 using System.Text.Json.Serialization;
-using StellaOps.Attestor.Envelope;
-using StellaOps.Canonical.Json;

 namespace StellaOps.Scanner.Reachability.Witnesses;