Add Canonical JSON serialization library with tests and documentation

- Implemented CanonJson class for deterministic JSON serialization and hashing.
- Added unit tests for CanonJson functionality, covering various scenarios including key sorting, handling of nested objects, arrays, and special characters.
- Created project files for the Canonical JSON library and its tests, including necessary package references.
- Added README.md for library usage and API reference.
- Introduced RabbitMqIntegrationFactAttribute for conditional RabbitMQ integration tests.

bench/vex-lattice/README.md

@@ -0,0 +1,153 @@
+# VEX Lattice Benchmark Suite
+
+> **Purpose:** Verify VEX lattice merge semantics and jurisdiction rules.
+> **Status:** Active
+> **Sprint:** SPRINT_3850_0001_0001 (Competitive Gap Closure)
+
+## Overview
+
+StellaOps implements VEX (Vulnerability Exploitability eXchange) with:
+- Lattice-based merge semantics (stable outcomes)
+- Jurisdiction-specific trust rules (US/EU/RU/CN)
+- Source precedence and confidence weighting
+- Deterministic conflict resolution
+
+## What Gets Tested
+
+### Lattice Properties
+- Idempotency: merge(a, a) = a
+- Commutativity: merge(a, b) = merge(b, a)
+- Associativity: merge(merge(a, b), c) = merge(a, merge(b, c))
+- Monotonicity: once "not_affected", never regresses
+
+### Status Precedence
+Order from most to least specific:
+1. `not_affected` (strongest)
+2. `affected` (with fix)
+3. `under_investigation`
+4. `affected` (no fix)
+
+### Jurisdiction Rules
+- US: FDA/NIST sources preferred
+- EU: ENISA/BSI sources preferred
+- RU: FSTEC sources preferred
+- CN: CNVD sources preferred
+
+## Test Cases
+
+### TC-001: Idempotency
+
+```json
+{
+  "input_a": { "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path" },
+  "input_b": { "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path" },
+  "expected": { "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path" }
+}
+```
+
+### TC-002: Commutativity
+
+```json
+{
+  "merge_ab": "merge(vendor_vex, nvd_vex)",
+  "merge_ba": "merge(nvd_vex, vendor_vex)",
+  "expected": "identical_result"
+}
+```
+
+### TC-003: Associativity
+
+```json
+{
+  "lhs": "merge(merge(a, b), c)",
+  "rhs": "merge(a, merge(b, c))",
+  "expected": "identical_result"
+}
+```
+
+### TC-004: Conflict Resolution
+
+```json
+{
+  "vendor_says": "not_affected",
+  "nvd_says": "affected",
+  "expected": "not_affected",
+  "reason": "vendor_has_higher_precedence"
+}
+```
+
+### TC-005: Jurisdiction Override
+
+```json
+{
+  "jurisdiction": "EU",
+  "bsi_says": "not_affected",
+  "nist_says": "affected",
+  "expected": "not_affected",
+  "reason": "bsi_preferred_in_eu"
+}
+```
+
+## Fixtures
+
+```
+fixtures/
+├── lattice-properties/
+│   ├── idempotency.json
+│   ├── commutativity.json
+│   └── associativity.json
+├── conflict-resolution/
+│   ├── vendor-vs-nvd.json
+│   ├── multiple-vendors.json
+│   └── timestamp-tiebreaker.json
+├── jurisdiction-rules/
+│   ├── us-fda-nist.json
+│   ├── eu-enisa-bsi.json
+│   ├── ru-fstec.json
+│   └── cn-cnvd.json
+└── expected/
+    └── all-tests.results.json
+```
+
+## Running the Suite
+
+```bash
+# Run VEX lattice tests
+dotnet test tests/StellaOps.Policy.Vex.Tests
+
+# Run lattice property verification
+./run-lattice-tests.sh
+
+# Run jurisdiction rule tests
+./run-jurisdiction-tests.sh
+```
+
+## Metrics
+
+| Metric | Target | Description |
+|--------|--------|-------------|
+| Lattice properties | 100% pass | All algebraic properties hold |
+| Jurisdiction correctness | 100% pass | Correct source preferred by region |
+| Merge determinism | 100% pass | Same inputs → same output |
+
+## Integration with CI
+
+```yaml
+# .gitea/workflows/bench-vex-lattice.yaml
+name: VEX Lattice Benchmark
+on:
+  push:
+    paths:
+      - 'src/Policy/**'
+      - 'bench/vex-lattice/**'
+
+jobs:
+  lattice:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run Lattice Tests
+        run: dotnet test tests/StellaOps.Policy.Vex.Tests
+      - name: Run Property Tests
+        run: ./bench/vex-lattice/run-lattice-tests.sh
+```