Add tests for SBOM generation determinism across multiple formats

- Created `StellaOps.TestKit.Tests` project for unit tests related to determinism. - Implemented `DeterminismManifestTests` to validate deterministic output for canonical bytes and strings, file read/write operations, and error handling for invalid schema versions. - Added `SbomDeterminismTests` to ensure identical inputs produce consistent SBOMs across SPDX 3.0.1 and CycloneDX 1.6/1.7 formats, including parallel execution tests. - Updated project references in `StellaOps.Integration.Determinism` to include the new determinism testing library.
2025-12-23 18:56:12 +02:00
parent 7ac70ece71
commit bc4318ef97
88 changed files with 6974 additions and 1230 deletions
--- a/docs2/risk/api.md
+++ b/docs2/risk/api.md
@@ -0,0 +1,36 @@
+# Risk API
+
+Purpose
+- Expose risk jobs, profiles, simulations, explainability, and exports.
+
+Endpoints (v1)
+- POST /api/v1/risk/jobs: submit scoring job.
+- GET /api/v1/risk/jobs/{job_id}: job status and results.
+- GET /api/v1/risk/explain/{job_id}: explainability payload.
+- GET /api/v1/risk/profiles: list profiles with hashes and versions.
+- POST /api/v1/risk/profiles: create or update profiles with DSSE metadata.
+- POST /api/v1/risk/simulations: dry-run scoring with fixtures.
+- GET /api/v1/risk/export/{job_id}: export bundle for audit.
+
+Auth and tenancy
+- Headers: X-Stella-Tenant, Authorization Bearer token.
+- Optional X-Stella-Scope for imposed rule reminders.
+
+Error model
+- Envelope: code, message, correlation_id, severity, remediation.
+- Rate-limit headers: Retry-After, X-RateLimit-Remaining.
+- ETag headers for profile and explain responses.
+
+Feature flags
+- risk.jobs, risk.explain, risk.simulations, risk.export.
+
+Determinism and offline
+- Samples in docs/risk/samples/api/ with SHA256SUMS.
+- Stable field ordering and UTC timestamps.
+
+Related references
+- risk/overview.md
+- risk/profiles.md
+- risk/factors.md
+- risk/formulas.md
+- risk/explainability.md