stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Complete batch 012 (golden set diff) and 013 (advisory chat), fix build errors

Browse Source 
Sprints completed:
- SPRINT_20260110_012_* (golden set diff layer - 10 sprints)
- SPRINT_20260110_013_* (advisory chat - 4 sprints)

Build fixes applied:
- Fix namespace conflicts with Microsoft.Extensions.Options.Options.Create
- Fix VexDecisionReachabilityIntegrationTests API drift (major rewrite)
- Fix VexSchemaValidationTests FluentAssertions method name
- Fix FixChainGateIntegrationTests ambiguous type references
- Fix AdvisoryAI test files required properties and namespace aliases
- Add stub types for CveMappingController (ICveSymbolMappingService)
- Fix VerdictBuilderService static context issue

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
master
2026-01-11 10:09:07 +02:00
parent a3b2f30a11
commit 7f7eb8b228
232 changed files with 58979 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/BinaryIndex/__Libraries/StellaOps.BinaryIndex.GoldenSet/AGENTS.md Normal file
View File

@@ -0,0 +1,33 @@
# GoldenSet Library Charter
## Mission
Provide foundational data models, storage, and validation for Golden Set definitions - ground-truth facts about vulnerability code-level manifestation.
## Responsibilities
- **Domain Models**: GoldenSetDefinition, VulnerableTarget, BasicBlockEdge, WitnessInput, GoldenSetMetadata
- **Validation**: Schema validation, CVE existence check, edge format validation, sink registry lookup
- **Storage**: PostgreSQL persistence with content-addressed retrieval
- **Serialization**: YAML round-trip serialization with snake_case convention
- **Sink Registry**: Lookup service for known sinks mapped to CWE categories
## Key Principles
1. **Immutability**: All models are immutable records with ImmutableArray collections
2. **Content-Addressing**: All golden sets have SHA256-based content digests for deduplication
3. **Determinism**: Serialization and hashing produce deterministic outputs
4. **Air-Gap Ready**: Validation supports offline mode without external lookups
5. **Human-Readable**: YAML as primary format for git-friendliness
## Dependencies
- `BinaryIndex.Contracts` - Shared contracts and DTOs
- `Npgsql` - PostgreSQL driver
- `YamlDotNet` - YAML serialization
- `Microsoft.Extensions.*` - DI, Options, Logging, Caching
## Required Reading
- `docs/modules/binary-index/golden-set-schema.md`
- `docs/implplan/SPRINT_20260110_012_001_BINDEX_golden_set_foundation.md`
## Test Strategy
- Unit tests in `StellaOps.BinaryIndex.GoldenSet.Tests`
- Integration tests with Testcontainers PostgreSQL
- Property-based tests for serialization round-trip