synergy moats product advisory implementations

src/Signals/__Libraries/StellaOps.Signals.Persistence/Migrations/001_initial_schema.sql

@@ -286,8 +286,7 @@ CREATE INDEX IF NOT EXISTS idx_deploy_refs_purl_version ON signals.deploy_refs(p
     WHERE purl_version IS NOT NULL;
 CREATE INDEX IF NOT EXISTS idx_deploy_refs_last_seen ON signals.deploy_refs(last_seen_at);
 CREATE INDEX IF NOT EXISTS idx_deploy_refs_environment ON signals.deploy_refs(environment);
-CREATE INDEX IF NOT EXISTS idx_deploy_refs_active ON signals.deploy_refs(purl, last_seen_at)
-    WHERE last_seen_at > NOW() - INTERVAL '30 days';
+CREATE INDEX IF NOT EXISTS idx_deploy_refs_active ON signals.deploy_refs(purl, last_seen_at);
 
 COMMENT ON TABLE signals.deploy_refs IS 'Tracks package deployments across images and environments for popularity scoring (P factor).';
 COMMENT ON COLUMN signals.deploy_refs.purl IS 'Package URL (PURL) identifier, e.g., pkg:npm/lodash@4.17.21';

src/Signals/__Libraries/StellaOps.Signals.Persistence/Migrations/002_runtime_agent_schema.sql

@@ -156,8 +156,9 @@ SELECT
     SUM(rf.hit_count) AS total_observations,
     MIN(rf.first_seen) AS earliest_observation,
     MAX(rf.last_seen) AS latest_observation,
-    COUNT(DISTINCT unnest(rf.agent_ids)) AS contributing_agents
+    COUNT(DISTINCT agents.agent_id) AS contributing_agents
 FROM signals.runtime_facts rf
+LEFT JOIN LATERAL unnest(rf.agent_ids) AS agents(agent_id) ON TRUE
 GROUP BY rf.tenant_id, rf.artifact_digest;
 
 COMMENT ON VIEW signals.runtime_facts_summary IS 'Summary of runtime observations per artifact';

src/Signals/__Libraries/StellaOps.Signals.Persistence/StellaOps.Signals.Persistence.csproj

@@ -13,7 +13,9 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <EmbeddedResource Include="Migrations\**\*.sql" LogicalName="%(RecursiveDir)%(Filename)%(Extension)" />
+    <EmbeddedResource Include="Migrations\**\*.sql"
+                     Exclude="Migrations\_archived\**\*.sql"
+                     LogicalName="%(RecursiveDir)%(Filename)%(Extension)" />
   </ItemGroup>
 
   <ItemGroup>

src/Signals/__Tests/StellaOps.Signals.Ebpf.Tests/RuntimeNodeHashTests.cs

@@ -27,6 +27,9 @@ public sealed class RuntimeNodeHashTests
             Tid = 5678,
             TimestampNs = 1000000000,
             Symbol = "vulnerable_func",
+            FunctionAddress = 0,
+            StackTrace = Array.Empty<ulong>(),
+            RuntimeType = RuntimeType.Unknown,
         };
 
         // Assert - New fields should be null by default
@@ -49,6 +52,9 @@ public sealed class RuntimeNodeHashTests
             Tid = 5678,
             TimestampNs = 1000000000,
             Symbol = "vulnerable_func",
+            FunctionAddress = 0x1234,
+            StackTrace = new ulong[] { 0x10, 0x20, 0x30 },
+            RuntimeType = RuntimeType.DotNet,
             Purl = "pkg:npm/lodash@4.17.21",
             FunctionSignature = "lodash.merge(object, ...sources)",
             BinaryDigest = "sha256:abc123def456",
@@ -90,7 +96,7 @@ public sealed class RuntimeNodeHashTests
     {
         // Arrange
         var nodeHashes = new List<string> { "sha256:hash1", "sha256:hash2", "sha256:hash3" };
-        var functionSignatures = new List<string?> { "main()", "process(req)", "vuln(data)" };
+        var functionSignatures = new List<string> { "main()", "process(req)", "vuln(data)" };
         var binaryDigests = new List<string?> { "sha256:bin1", "sha256:bin2", "sha256:bin3" };
         var binaryOffsets = new List<ulong?> { 0x1000, 0x2000, 0x3000 };
 
@@ -128,6 +134,8 @@ public sealed class RuntimeNodeHashTests
             StartedAt = DateTimeOffset.UtcNow.AddMinutes(-5),
             StoppedAt = DateTimeOffset.UtcNow,
             TotalEvents = 1000,
+            CallPaths = Array.Empty<ObservedCallPath>(),
+            ObservedSymbols = Array.Empty<string>(),
         };
 
         // Assert
@@ -150,6 +158,8 @@ public sealed class RuntimeNodeHashTests
             StartedAt = DateTimeOffset.UtcNow.AddMinutes(-5),
             StoppedAt = DateTimeOffset.UtcNow,
             TotalEvents = 1000,
+            CallPaths = Array.Empty<ObservedCallPath>(),
+            ObservedSymbols = Array.Empty<string>(),
             ObservedNodeHashes = observedNodeHashes,
             ObservedPathHashes = observedPathHashes,
             CombinedPathHash = "sha256:combinedhash"
@@ -188,12 +198,14 @@ public sealed class RuntimeNodeHashTests
         var path1 = new ObservedCallPath
         {
             Symbols = ["main", "process", "vulnerable_func"],
+            ObservationCount = 1,
             Purl = "pkg:npm/lodash@4.17.21"
         };
 
         var path2 = new ObservedCallPath
         {
             Symbols = ["main", "process", "vulnerable_func"],
+            ObservationCount = 1,
             Purl = "pkg:npm/lodash@4.17.21"
         };
 
@@ -218,6 +230,9 @@ public sealed class RuntimeNodeHashTests
             Tid = 5678,
             TimestampNs = 1000000000,
             Symbol = "unknown_func",
+            FunctionAddress = 0,
+            StackTrace = Array.Empty<ulong>(),
+            RuntimeType = RuntimeType.Unknown,
             Purl = null,  // Missing PURL
             FunctionSignature = "unknown_func()",
         };
@@ -239,6 +254,9 @@ public sealed class RuntimeNodeHashTests
             Tid = 5678,
             TimestampNs = 1000000000,
             Symbol = null,  // Missing symbol
+            FunctionAddress = 0,
+            StackTrace = Array.Empty<ulong>(),
+            RuntimeType = RuntimeType.Unknown,
             Purl = "pkg:npm/lodash@4.17.21",
         };
 
@@ -271,12 +289,14 @@ public sealed class RuntimeNodeHashTests
         var path1 = new ObservedCallPath
         {
             Symbols = ["main", "process", "vulnerable_func"],
+            ObservationCount = 1,
             PathHash = "sha256:path1hash"
         };
 
         var path2 = new ObservedCallPath
         {
             Symbols = ["vulnerable_func", "process", "main"],
+            ObservationCount = 1,
             PathHash = "sha256:path2hash"
         };