up

src/VulnExplorer/StellaOps.VulnExplorer.Api/Data/SampleData.cs

@@ -50,6 +50,13 @@ internal static class SampleData
             {
                 new AdvisoryRef("https://example.com/advisory/0001", "Upstream advisory")
             },
+            Rationale: new PolicyRationale("rat-0001", "High severity RCE with known exploit; fix available"),
+            Paths: new[] { "/src/app/Program.cs", "/src/lib/utils/net.cs" },
+            Evidence: new[]
+            {
+                new EvidenceRef("sbom", "sbom-0001", "Inventory evidence"),
+                new EvidenceRef("vex", "vex-0001", "Vendor statement")
+            },
             FirstSeen: DateTimeOffset.Parse("2025-01-01T00:00:00Z"),
             LastSeen: DateTimeOffset.Parse("2025-11-01T00:00:00Z"),
             PolicyVersion: summaries[0].PolicyVersion,
@@ -70,6 +77,12 @@ internal static class SampleData
                 new PackageAffect("pkg:npm/foo", new[] { "4.5.6" })
             },
             AdvisoryRefs: Array.Empty<AdvisoryRef>(),
+            Rationale: new PolicyRationale("rat-0002", "Medium severity; no exploit observed; fix unavailable"),
+            Paths: new[] { "/app/node_modules/foo/index.js" },
+            Evidence: new[]
+            {
+                new EvidenceRef("sbom", "sbom-0002", "Inventory evidence")
+            },
             FirstSeen: DateTimeOffset.Parse("2024-06-10T00:00:00Z"),
             LastSeen: DateTimeOffset.Parse("2025-08-15T00:00:00Z"),
             PolicyVersion: summaries[1].PolicyVersion,