archive audit attempts

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/StellaOps.Provenance.Attestation.Tool/Program.md

@@ -0,0 +1,16 @@
+# SOLID Review - ToolEntrypoint
+## Scope
+- File: src/Provenance/StellaOps.Provenance.Attestation.Tool/Program.cs
+- Project: src/Provenance/StellaOps.Provenance.Attestation.Tool/StellaOps.Provenance.Attestation.Tool.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: file defines multiple types (ToolEntrypoint, ParsedOptions); responsibilities may be bundled.
+- Dependency inversion: static utility types limit substitution; consider abstraction if behavior must vary.
+
+## Maintainability Notes
+- Multiple types in one file can blur ownership boundaries.
+
+## Recommendations
+- Split types into separate files grouped by responsibility.
+- Consider interface-backed abstraction if alternate implementations are needed.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/StellaOps.Provenance.Attestation/BuildModels.md

@@ -0,0 +1,16 @@
+# SOLID Review - BuildDefinition
+## Scope
+- File: src/Provenance/StellaOps.Provenance.Attestation/BuildModels.cs
+- Project: src/Provenance/StellaOps.Provenance.Attestation/StellaOps.Provenance.Attestation.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: file defines multiple types (BuildDefinition, BuildMetadata, CanonicalJson, MerkleTree, BuildStatement, BuildStatementFactory, BuildStatementDigest); responsibilities may be bundled.
+- Dependency inversion: static utility types limit substitution; consider abstraction if behavior must vary.
+
+## Maintainability Notes
+- Multiple types in one file can blur ownership boundaries.
+
+## Recommendations
+- Split types into separate files grouped by responsibility.
+- Consider interface-backed abstraction if alternate implementations are needed.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/StellaOps.Provenance.Attestation/Hex.md

@@ -0,0 +1,15 @@
+# SOLID Review - H
+## Scope
+- File: src/Provenance/StellaOps.Provenance.Attestation/Hex.cs
+- Project: src/Provenance/StellaOps.Provenance.Attestation/StellaOps.Provenance.Attestation.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: single type definition; cohesive.
+- Dependency inversion: static utility types limit substitution; consider abstraction if behavior must vary.
+
+## Maintainability Notes
+- Minimal surface area; easy to reason about.
+
+## Recommendations
+- Consider interface-backed abstraction if alternate implementations are needed.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/StellaOps.Provenance.Attestation/PromotionAttestation.md

@@ -0,0 +1,16 @@
+# SOLID Review - PromotionPredicate
+## Scope
+- File: src/Provenance/StellaOps.Provenance.Attestation/PromotionAttestation.cs
+- Project: src/Provenance/StellaOps.Provenance.Attestation/StellaOps.Provenance.Attestation.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: file defines multiple types (PromotionPredicate, PromotionAttestation, PromotionAttestationBuilder); responsibilities may be bundled.
+- Dependency inversion: static utility types limit substitution; consider abstraction if behavior must vary.
+
+## Maintainability Notes
+- Multiple types in one file can blur ownership boundaries.
+
+## Recommendations
+- Split types into separate files grouped by responsibility.
+- Consider interface-backed abstraction if alternate implementations are needed.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/StellaOps.Provenance.Attestation/Signers.md

@@ -0,0 +1,15 @@
+# SOLID Review - SignRequest
+## Scope
+- File: src/Provenance/StellaOps.Provenance.Attestation/Signers.cs
+- Project: src/Provenance/StellaOps.Provenance.Attestation/StellaOps.Provenance.Attestation.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: file defines multiple types (SignRequest, SignResult, IKeyProvider, IAuditSink, NullAuditSink, HmacSigner, ISigner, InMemoryKeyProvider, InMemoryAuditSink, RotatingKeyProvider, ICosignClient, IKmsClient, CosignSigner, KmsSigner); responsibilities may be bundled.
+
+## Maintainability Notes
+- File length 254 lines; consider splitting for readability.
+
+## Recommendations
+- Split types into separate files grouped by responsibility.
+- Extract helpers to reduce file size and complexity.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/StellaOps.Provenance.Attestation/Verification.md

@@ -0,0 +1,16 @@
+# SOLID Review - VerificationResult
+## Scope
+- File: src/Provenance/StellaOps.Provenance.Attestation/Verification.cs
+- Project: src/Provenance/StellaOps.Provenance.Attestation/StellaOps.Provenance.Attestation.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: file defines multiple types (VerificationResult, IVerifier, HmacVerifier, MerkleRootVerifier, ChainOfCustodyVerifier); responsibilities may be bundled.
+- Dependency inversion: static utility types limit substitution; consider abstraction if behavior must vary.
+
+## Maintainability Notes
+- Multiple types in one file can blur ownership boundaries.
+
+## Recommendations
+- Split types into separate files grouped by responsibility.
+- Consider interface-backed abstraction if alternate implementations are needed.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/CanonicalJsonTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - C
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/CanonicalJsonTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: single type definition; cohesive.
+
+## Maintainability Notes
+- Minimal surface area; easy to reason about.
+
+## Recommendations
+- Keep as-is.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/CosignAndKmsSignerTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - CosignAndKmsSignerTests
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/CosignAndKmsSignerTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: file defines multiple types (CosignAndKmsSignerTests, FakeCosignClient, FakeKmsClient, FixedTimeProvider); responsibilities may be bundled.
+
+## Maintainability Notes
+- Multiple types in one file can blur ownership boundaries.
+
+## Recommendations
+- Split types into separate files grouped by responsibility.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/HexTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - H
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/HexTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: single type definition; cohesive.
+
+## Maintainability Notes
+- Minimal surface area; easy to reason about.
+
+## Recommendations
+- Keep as-is.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/MerkleTreeTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - M
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/MerkleTreeTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: single type definition; cohesive.
+
+## Maintainability Notes
+- Minimal surface area; easy to reason about.
+
+## Recommendations
+- Keep as-is.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/PromotionAttestationBuilderTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - P
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/PromotionAttestationBuilderTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: single type definition; cohesive.
+
+## Maintainability Notes
+- Minimal surface area; easy to reason about.
+
+## Recommendations
+- Keep as-is.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/RotatingSignerTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - RotatingSignerTests
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/RotatingSignerTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: file defines multiple types (RotatingSignerTests, TestTimeProvider); responsibilities may be bundled.
+
+## Maintainability Notes
+- Multiple types in one file can blur ownership boundaries.
+
+## Recommendations
+- Split types into separate files grouped by responsibility.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/SampleStatementDigestTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - S
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/SampleStatementDigestTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: single type definition; cohesive.
+
+## Maintainability Notes
+- Minimal surface area; easy to reason about.
+
+## Recommendations
+- Keep as-is.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/SignerTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - S
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/SignerTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: single type definition; cohesive.
+
+## Maintainability Notes
+- Minimal surface area; easy to reason about.
+
+## Recommendations
+- Keep as-is.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/SignersTests.md

@@ -0,0 +1,15 @@
+# SOLID Review - SignersTests
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/SignersTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: file defines multiple types (SignersTests, FakeCosignClient, FakeKmsClient, FakeCryptoHmac); responsibilities may be bundled.
+
+## Maintainability Notes
+- File length 217 lines; consider splitting for readability.
+
+## Recommendations
+- Split types into separate files grouped by responsibility.
+- Extract helpers to reduce file size and complexity.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/TestTimeProvider.md

@@ -0,0 +1,14 @@
+# SOLID Review - T
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/TestTimeProvider.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: single type definition; cohesive.
+
+## Maintainability Notes
+- Minimal surface area; easy to reason about.
+
+## Recommendations
+- Keep as-is.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/ToolEntrypointTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - T
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/ToolEntrypointTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: single type definition; cohesive.
+
+## Maintainability Notes
+- Minimal surface area; easy to reason about.
+
+## Recommendations
+- Keep as-is.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/VerificationLibraryTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - VerificationLibraryTests
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/VerificationLibraryTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: file defines multiple types (VerificationLibraryTests, FakeCryptoHmac); responsibilities may be bundled.
+
+## Maintainability Notes
+- Multiple types in one file can blur ownership boundaries.
+
+## Recommendations
+- Split types into separate files grouped by responsibility.

docs-archived/implplan-blocked/audits/csproj-standards/solid-review/src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/VerificationTests.md

@@ -0,0 +1,14 @@
+# SOLID Review - V
+## Scope
+- File: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/VerificationTests.cs
+- Project: src/Provenance/__Tests/StellaOps.Provenance.Attestation.Tests/StellaOps.Provenance.Attestation.Tests.csproj
+- Date (UTC): 2026-01-31
+
+## Findings
+- Single responsibility: single type definition; cohesive.
+
+## Maintainability Notes
+- Minimal surface area; easy to reason about.
+
+## Recommendations
+- Keep as-is.