Add tests for SBOM generation determinism across multiple formats

- Created `StellaOps.TestKit.Tests` project for unit tests related to determinism.
- Implemented `DeterminismManifestTests` to validate deterministic output for canonical bytes and strings, file read/write operations, and error handling for invalid schema versions.
- Added `SbomDeterminismTests` to ensure identical inputs produce consistent SBOMs across SPDX 3.0.1 and CycloneDX 1.6/1.7 formats, including parallel execution tests.
- Updated project references in `StellaOps.Integration.Determinism` to include the new determinism testing library.

docs2/operations/reachability.md

@@ -0,0 +1,36 @@
+# Reachability operations
+
+Purpose
+- Operate call graph ingestion, reachability computation, and explain queries.
+
+Reachability statuses
+- unreachable, possibly_reachable, reachable_static, reachable_proven, unknown.
+
+Call graph operations
+- Upload call graphs and validate schema.
+- Inspect entrypoints and merge graphs when required.
+- Enforce size limits and deterministic ordering.
+
+Computation
+- Trigger reachability computation per scan or batch.
+- Monitor jobs for timeouts and memory caps.
+- Persist results with graph_cache_epoch for replay.
+
+Explain queries
+- Explain a single finding or batch.
+- Provide alternate paths and reasons for unreachable results.
+
+Drift handling
+- Track changes due to graph updates or reachability algorithm changes.
+- Use drift reports to compare runs and highlight path changes.
+
+Monitoring
+- Track computation latency, queue depth, and explain request rates.
+- Alert on repeated timeouts or inconsistent results.
+
+Related references
+- architecture/reachability-lattice.md
+- architecture/reachability-evidence.md
+- operations/score-proofs.md
+- docs/operations/reachability-runbook.md
+- docs/operations/reachability-drift-guide.md