audit work, fixed StellaOps.sln warnings/errors, fixed tests, sprints work, new advisories

docs/modules/attestor/samples/sbom-vex/README.md

@@ -0,0 +1,15 @@
+# SBOM→VEX Offline Kit (Stub)
+
+This kit supports sprint task 6 (SBOM-VEX-GAPS-300-013).
+
+Contents (stub):
+- `verify.sh` – chain hash stub for SBOM + DSSE + Rekor + VEX
+- `chain-hash-recipe.md` – canonicalisation steps
+- `inputs.lock` – pinned tool versions and snapshot
+- `proof-manifest.json` – chain hash placeholder
+- ~~`sbom-vex-blueprint.svg`~~ – archived (empty placeholder)
+
+Next steps:
+- Add real SBOM/VEX samples and Rekor bundle snapshot.
+- Produce DSSE signatures for proof manifest and scripts.
+- Include time-anchor and backpressure/error policy notes per BP1–BP10.