up

2025-12-13 02:22:15 +02:00
parent 564df71bfb
commit 999e26a48e
395 changed files with 25045 additions and 2224 deletions
--- a/datasets/reachability/schema/manifest.schema.json
+++ b/datasets/reachability/schema/manifest.schema.json
@@ -0,0 +1,94 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "$id": "https://stellaops.io/schemas/reachability/manifest.schema.json",
+  "title": "Reachability Sample Manifest",
+  "description": "Metadata for a reachability test sample",
+  "type": "object",
+  "required": ["sampleId", "version", "createdAt", "language", "category", "description"],
+  "properties": {
+    "sampleId": {
+      "type": "string",
+      "pattern": "^sample:[a-z]+:[a-z0-9-]+:[0-9]+$",
+      "description": "Unique sample identifier"
+    },
+    "version": {
+      "type": "string",
+      "pattern": "^[0-9]+\\.[0-9]+\\.[0-9]+$",
+      "description": "Sample version (SemVer)"
+    },
+    "createdAt": {
+      "type": "string",
+      "format": "date-time",
+      "description": "Creation timestamp (UTC ISO-8601)"
+    },
+    "language": {
+      "type": "string",
+      "enum": ["java", "csharp", "javascript", "php", "python", "native", "polyglot"],
+      "description": "Primary language of the sample"
+    },
+    "category": {
+      "type": "string",
+      "enum": ["positive", "negative", "contested"],
+      "description": "Ground truth category"
+    },
+    "description": {
+      "type": "string",
+      "description": "Human-readable description"
+    },
+    "source": {
+      "type": "object",
+      "properties": {
+        "repository": {
+          "type": "string",
+          "format": "uri"
+        },
+        "commit": {
+          "type": "string"
+        },
+        "buildToolchain": {
+          "type": "string"
+        }
+      }
+    },
+    "vulnerabilities": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": ["vulnId", "purl", "affectedSymbol"],
+        "properties": {
+          "vulnId": {
+            "type": "string",
+            "description": "CVE or advisory ID"
+          },
+          "purl": {
+            "type": "string",
+            "description": "Package URL of vulnerable package"
+          },
+          "affectedSymbol": {
+            "type": "string",
+            "description": "Symbol name that is vulnerable"
+          }
+        }
+      }
+    },
+    "artifacts": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": ["path", "hash", "type"],
+        "properties": {
+          "path": {
+            "type": "string"
+          },
+          "hash": {
+            "type": "string",
+            "pattern": "^sha256:[a-f0-9]{64}$"
+          },
+          "type": {
+            "type": "string"
+          }
+        }
+      }
+    }
+  }
+}