Add determinism tests for verdict artifact generation and update SHA256 sums script

- Implemented comprehensive tests for verdict artifact generation to ensure deterministic outputs across various scenarios, including identical inputs, parallel execution, and change ordering.
- Created helper methods for generating sample verdict inputs and computing canonical hashes.
- Added tests to validate the stability of canonical hashes, proof spine ordering, and summary statistics.
- Introduced a new PowerShell script to update SHA256 sums for files, ensuring accurate hash generation and file integrity checks.

docs/sbom/vex-mapping.md

@@ -1,12 +0,0 @@
-# VEX Mapping (CPE → purl) — Draft Skeleton (2025-12-05 UTC)
-
-Status: draft placeholder. Inputs pending: SBOM/VEX dataflow spec.
-
-## Mapping Strategy
-- How CPEs map to purls; edge cases (to fill).
-
-## Overrides
-- Local override workflow.
-
-## Open TODOs
-- Add concrete examples and tables when dataflow spec lands.

docs/sbom/vuln-resolution.md

@@ -1,22 +0,0 @@
-# SBOM Vulnerability Resolution (Md.XI draft)
-
-> Status: DRAFT — pending export/advisory integration and GRAP0101 field freeze.
-
-## Scope
-- Version semantics, scope, paths, safe version hints for SBOM components in Vuln Explorer.
-- Deterministic examples with hashes in `docs/assets/vuln-explorer/SHA256SUMS`.
-
-## Dependencies
-- Advisory integration (DOCS-VULN-29-008).
-- GRAP0101 identifiers.
-
-## Outline
-- Component resolution (purl, NEVRA); scope (prod/dev/test).
-- Path specificity and deduping rules.
-- Safe version hints and policy overlays.
-
-### Hash Capture Checklist (when inputs ready)
-- `assets/vuln-explorer/sbom-component-resolution.json`
-- `assets/vuln-explorer/sbom-path-dedupe.json`
-- `assets/vuln-explorer/safe-version-hints.json`
-_Last updated: 2025-12-05 (UTC)_