update

2025-12-15 09:03:56 +02:00
parent b058dbe031
commit 8c8f0c632d
8 changed files with 423 additions and 0 deletions
--- a/src/__Libraries/StellaOps.Evidence.Bundle/EvidenceBundle.cs
+++ b/src/__Libraries/StellaOps.Evidence.Bundle/EvidenceBundle.cs
@@ -0,0 +1,53 @@
+namespace StellaOps.Evidence.Bundle;
+
+/// <summary>A complete evidence bundle for a single finding/alert. Contains all evidence required for triage decision.</summary>
+public sealed class EvidenceBundle
+{
+    public string BundleId { get; init; } = Guid.NewGuid().ToString("N");
+    public string SchemaVersion { get; init; } = "1.0";
+    public required string AlertId { get; init; }
+    public required string ArtifactId { get; init; }
+    public ReachabilityEvidence? Reachability { get; init; }
+    public CallStackEvidence? CallStack { get; init; }
+    public ProvenanceEvidence? Provenance { get; init; }
+    public VexStatusEvidence? VexStatus { get; init; }
+    public DiffEvidence? Diff { get; init; }
+    public GraphRevisionEvidence? GraphRevision { get; init; }
+    public required EvidenceHashSet Hashes { get; init; }
+    public required DateTimeOffset CreatedAt { get; init; }
+
+    /// <summary>Compute evidence completeness score (0-4 based on core evidence types).</summary>
+    public int ComputeCompletenessScore()
+    {
+        var score = 0;
+        if (Reachability?.Status == EvidenceStatus.Available) score++;
+        if (CallStack?.Status == EvidenceStatus.Available) score++;
+        if (Provenance?.Status == EvidenceStatus.Available) score++;
+        if (VexStatus?.Status == EvidenceStatus.Available) score++;
+        return score;
+    }
+
+    /// <summary>Create status summary from evidence.</summary>
+    public EvidenceStatusSummary CreateStatusSummary() => new()
+    {
+        Reachability = Reachability?.Status ?? EvidenceStatus.Unavailable,
+        CallStack = CallStack?.Status ?? EvidenceStatus.Unavailable,
+        Provenance = Provenance?.Status ?? EvidenceStatus.Unavailable,
+        VexStatus = VexStatus?.Status ?? EvidenceStatus.Unavailable,
+        Diff = Diff?.Status ?? EvidenceStatus.Unavailable,
+        GraphRevision = GraphRevision?.Status ?? EvidenceStatus.Unavailable
+    };
+
+    /// <summary>Create DSSE predicate for signing.</summary>
+    public EvidenceBundlePredicate ToSigningPredicate() => new()
+    {
+        BundleId = BundleId,
+        AlertId = AlertId,
+        ArtifactId = ArtifactId,
+        CompletenessScore = ComputeCompletenessScore(),
+        Hashes = Hashes,
+        StatusSummary = CreateStatusSummary(),
+        CreatedAt = CreatedAt,
+        SchemaVersion = SchemaVersion
+    };
+}