stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Fix build and code structure improvements. New but essential UI functionality. CI improvements. Documentation improvements. AI module improvements.

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-26 21:54:17 +02:00
parent 335ff7da16
commit c2b9cd8d1f
3717 changed files with 264714 additions and 48202 deletions
Download Patch File Download Diff File Expand all files Collapse all files

132
src/Policy/StellaOps.Policy.Engine/ReachabilityFacts/IReachabilityFactsSignalsClient.cs
View File

@@ -34,6 +34,138 @@ public interface IReachabilityFactsSignalsClient
Task<bool> TriggerRecomputeAsync(
SignalsRecomputeRequest request,
CancellationToken cancellationToken = default);
/// <summary>
/// Gets a reachability fact with its associated subgraph slice.
/// Fetches from Signals for the fact and ReachGraph Store for the subgraph.
/// </summary>
/// <param name="subjectKey">Subject key (scan ID or component key).</param>
/// <param name="cveId">Optional CVE ID to slice by.</param>
/// <param name="cancellationToken">Cancellation token.</param>
/// <returns>The reachability fact with subgraph, or null if not found.</returns>
Task<ReachabilityFactWithSubgraph?> GetWithSubgraphAsync(
string subjectKey,
string? cveId = null,
CancellationToken cancellationToken = default);
}
/// <summary>
/// Response containing both the reachability fact and its subgraph slice.
/// </summary>
public sealed record ReachabilityFactWithSubgraph(
SignalsReachabilityFactResponse Fact,
ReachGraphSlice? Subgraph);
/// <summary>
/// Represents a slice of the reachability graph for a specific query.
/// </summary>
public sealed record ReachGraphSlice
{
/// <summary>
/// Schema version.
/// </summary>
public string? SchemaVersion { get; init; }
/// <summary>
/// Slice query information.
/// </summary>
public ReachGraphSliceQuery? SliceQuery { get; init; }
/// <summary>
/// Parent graph digest.
/// </summary>
public string? ParentDigest { get; init; }
/// <summary>
/// BLAKE3 digest of this slice.
/// </summary>
public string? Digest { get; init; }
/// <summary>
/// Nodes in the slice.
/// </summary>
public List<ReachGraphSliceNode>? Nodes { get; init; }
/// <summary>
/// Edges in the slice.
/// </summary>
public List<ReachGraphSliceEdge>? Edges { get; init; }
/// <summary>
/// Number of nodes.
/// </summary>
public int NodeCount { get; init; }
/// <summary>
/// Number of edges.
/// </summary>
public int EdgeCount { get; init; }
/// <summary>
/// Sink node IDs.
/// </summary>
public List<string>? Sinks { get; init; }
/// <summary>
/// Paths from entrypoints to sinks.
/// </summary>
public List<ReachGraphPath>? Paths { get; init; }
}
/// <summary>
/// Slice query information.
/// </summary>
public sealed record ReachGraphSliceQuery
{
public string? Type { get; init; }
public string? Query { get; init; }
public string? Cve { get; init; }
}
/// <summary>
/// Node in a reachability graph slice.
/// </summary>
public sealed record ReachGraphSliceNode
{
public string? Id { get; init; }
public string? Kind { get; init; }
public string? Ref { get; init; }
public string? File { get; init; }
public int? Line { get; init; }
public bool IsEntrypoint { get; init; }
public bool IsSink { get; init; }
}
/// <summary>
/// Edge in a reachability graph slice.
/// </summary>
public sealed record ReachGraphSliceEdge
{
public string? From { get; init; }
public string? To { get; init; }
public ReachGraphEdgeExplanation? Why { get; init; }
}
/// <summary>
/// Edge explanation in a reachability graph.
/// </summary>
public sealed record ReachGraphEdgeExplanation
{
public string? Type { get; init; }
public string? Loc { get; init; }
public string? Guard { get; init; }
public double Confidence { get; init; }
}
/// <summary>
/// Path from entrypoint to sink.
/// </summary>
public sealed record ReachGraphPath
{
public string? Entrypoint { get; init; }
public string? Sink { get; init; }
public List<string>? Hops { get; init; }
public List<ReachGraphSliceEdge>? Edges { get; init; }
}
/// <summary>