archive audit attempts

docs-archived/implplan-blocked/audits/src/Signer/__Libraries/StellaOps.Signer.KeyManagement/StellaOps.Signer.KeyManagement.csproj

@@ -0,0 +1,99 @@
+# Audit - StellaOps.Signer.KeyManagement
+
+## Project
+- Path: ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/StellaOps.Signer.KeyManagement.csproj
+- Module: ..
+- Kind: Library
+- Audit date (UTC): 2026-01-30
+- Files scanned: 14
+- Files with issues: 14
+- File-level report: docs/implplan/audits/csproj-standards/file-audit.csv
+
+## Coding Standards Findings
+- Status: FAIL
+- Nullable: enable
+- TreatWarningsAsErrors: explicit true
+- Deterministic: inherited true
+- 100-line rule violations: 6
+- Namespace violations: 14
+- Using directive violations: 0
+- Naming violations (interfaces/fields/const/async): 0
+- Service locator usage (BuildServiceProvider/GetService): 0
+- Assembly.LoadFrom usage: 0
+
+### Details
+- 100-line files:
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/IKeyRotationService.cs (286 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/ITrustAnchorManager.cs (230 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/KeyRotationAuditRepository.cs (412 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/KeyRotationService.cs (538 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/TrustAnchorManager.cs (419 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/Entities/KeyEntities.cs (175 lines)
+- Namespace issues:
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/IKeyRotationService.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/ITrustAnchorManager.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/KeyManagementDbContext.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/KeyRotationAuditRepository.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/KeyRotationService.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/TrustAnchorManager.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/Entities/KeyEntities.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/Entities/TrustAnchorEntity.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Debug/net10.0/StellaOps.Signer.KeyManagement.AssemblyInfo.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Debug/net10.0/StellaOps.Signer.KeyManagement.GlobalUsings.g.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Release/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Release/net10.0/StellaOps.Signer.KeyManagement.AssemblyInfo.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Release/net10.0/StellaOps.Signer.KeyManagement.GlobalUsings.g.cs: missing namespace
+- Using directive issues:
+  - none
+- Naming issues:
+  - none
+- Async issues:
+  - none
+- Service locator matches:
+  - none
+- Assembly.LoadFrom matches:
+  - none
+
+### Fix Guidance
+- Normalize namespaces to file-scoped StellaOps.<Area>.
+- Split files over 100 lines into smaller types or partials.
+
+## File-Level Findings
+- Status: FAIL
+- Files scanned: 14
+- Files with issues: 14
+- See docs/implplan/audits/csproj-standards/file-audit.csv for full per-file status.
+
+| File | Issues | Fix guidance |
+| --- | --- | --- |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/IKeyRotationService.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/ITrustAnchorManager.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/KeyManagementDbContext.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/KeyRotationAuditRepository.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/KeyRotationService.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/TrustAnchorManager.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/Entities/KeyEntities.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/Entities/TrustAnchorEntity.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Debug/net10.0/StellaOps.Signer.KeyManagement.AssemblyInfo.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Debug/net10.0/StellaOps.Signer.KeyManagement.GlobalUsings.g.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Release/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Release/net10.0/StellaOps.Signer.KeyManagement.AssemblyInfo.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.KeyManagement/obj/Release/net10.0/StellaOps.Signer.KeyManagement.GlobalUsings.g.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+
+## Testing Fullness Findings
+- Status: FAIL
+- Expected layers (heuristic): Unit
+- Detected test projects: ../src/__Tests/__Benchmarks/proof-chain/StellaOps.Bench.ProofChain.csproj [Performance] (no test attributes detected)
+- Missing layers: Unit
+
+### Manual checks required
+- Observability contract tests for WebService/Worker.
+- Intent tags for regulatory modules (Policy, Authority, Signer, Attestor, EvidenceLocker).
+- Offline execution (tests must run without network access).
+- Coverage matrix alignment (docs/technical/testing/TEST_COVERAGE_MATRIX.md).
+
+### Fix Guidance
+- Add or expand test projects to cover missing layers.
+- Ensure tests use deterministic fixtures and offline harnesses.

docs-archived/implplan-blocked/audits/src/Signer/__Libraries/StellaOps.Signer.Keyless/StellaOps.Signer.Keyless.csproj

@@ -0,0 +1,110 @@
+# Audit - StellaOps.Signer.Keyless
+
+## Project
+- Path: ../src/Signer/__Libraries/StellaOps.Signer.Keyless/StellaOps.Signer.Keyless.csproj
+- Module: ..
+- Kind: Library
+- Audit date (UTC): 2026-01-30
+- Files scanned: 18
+- Files with issues: 18
+- File-level report: docs/implplan/audits/csproj-standards/file-audit.csv
+
+## Coding Standards Findings
+- Status: FAIL
+- Nullable: enable
+- TreatWarningsAsErrors: explicit true
+- Deterministic: inherited true
+- 100-line rule violations: 9
+- Namespace violations: 18
+- Using directive violations: 0
+- Naming violations (interfaces/fields/const/async): 0
+- Service locator usage (BuildServiceProvider/GetService): 0
+- Assembly.LoadFrom usage: 0
+
+### Details
+- 100-line files:
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/AmbientOidcTokenProvider.cs (188 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/EphemeralKeyPair.cs (152 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/HttpFulcioClient.cs (309 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/ICertificateChainValidator.cs (528 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/IFulcioClient.cs (108 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/IOidcTokenProvider.cs (132 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/KeylessDsseSigner.cs (209 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/KeylessSigningExceptions.cs (135 lines)
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/SignerKeylessOptions.cs (171 lines)
+- Namespace issues:
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/AmbientOidcTokenProvider.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/EphemeralKeyGenerator.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/EphemeralKeyPair.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/HttpFulcioClient.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/ICertificateChainValidator.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/IEphemeralKeyGenerator.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/IFulcioClient.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/IOidcTokenProvider.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/KeylessDsseSigner.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/KeylessSigningExceptions.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/ServiceCollectionExtensions.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/SignerKeylessOptions.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Debug/net10.0/StellaOps.Signer.Keyless.AssemblyInfo.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Debug/net10.0/StellaOps.Signer.Keyless.GlobalUsings.g.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Release/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Release/net10.0/StellaOps.Signer.Keyless.AssemblyInfo.cs: missing namespace
+  - ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Release/net10.0/StellaOps.Signer.Keyless.GlobalUsings.g.cs: missing namespace
+- Using directive issues:
+  - none
+- Naming issues:
+  - none
+- Async issues:
+  - none
+- Service locator matches:
+  - none
+- Assembly.LoadFrom matches:
+  - none
+
+### Fix Guidance
+- Normalize namespaces to file-scoped StellaOps.<Area>.
+- Split files over 100 lines into smaller types or partials.
+
+## File-Level Findings
+- Status: FAIL
+- Files scanned: 18
+- Files with issues: 18
+- See docs/implplan/audits/csproj-standards/file-audit.csv for full per-file status.
+
+| File | Issues | Fix guidance |
+| --- | --- | --- |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/AmbientOidcTokenProvider.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/EphemeralKeyGenerator.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/EphemeralKeyPair.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/HttpFulcioClient.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/ICertificateChainValidator.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/IEphemeralKeyGenerator.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/IFulcioClient.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/IOidcTokenProvider.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/KeylessDsseSigner.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/KeylessSigningExceptions.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/ServiceCollectionExtensions.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/SignerKeylessOptions.cs | FileLength>100; NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>;; Split file to stay <= 100 lines. |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Debug/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Debug/net10.0/StellaOps.Signer.Keyless.AssemblyInfo.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Debug/net10.0/StellaOps.Signer.Keyless.GlobalUsings.g.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Release/net10.0/.NETCoreApp,Version=v10.0.AssemblyAttributes.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Release/net10.0/StellaOps.Signer.Keyless.AssemblyInfo.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+| ../src/Signer/__Libraries/StellaOps.Signer.Keyless/obj/Release/net10.0/StellaOps.Signer.Keyless.GlobalUsings.g.cs | NamespaceMissing | Add file-scoped namespace: namespace StellaOps.<Area>; |
+
+## Testing Fullness Findings
+- Status: FAIL
+- Expected layers (heuristic): Unit
+- Detected test projects: none
+- Missing layers: Unit
+
+### Manual checks required
+- Observability contract tests for WebService/Worker.
+- Intent tags for regulatory modules (Policy, Authority, Signer, Attestor, EvidenceLocker).
+- Offline execution (tests must run without network access).
+- Coverage matrix alignment (docs/technical/testing/TEST_COVERAGE_MATRIX.md).
+
+### Fix Guidance
+- Add or expand test projects to cover missing layers.
+- Ensure tests use deterministic fixtures and offline harnesses.