stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
docs/features/checked/excititor/automatic-code-not-reachable-vex-justification-generation.md Normal file
View File

@@ -0,0 +1,37 @@
# Automatic code_not_reachable VEX Justification Generation
## Module
Excititor
## Status
VERIFIED
## Description
Automatically generates VEX `code_not_reachable` justifications when reachability slice verdict is "unreachable", including slice digest as evidence reference and supporting OpenVEX, CSAF, and CycloneDX formats. Auto-generated justifications require human approval by default.
## Implementation Details
- **Modules**: `src/Excititor/__Libraries/StellaOps.Excititor.Core/AutoVex/`, `src/Excititor/__Libraries/StellaOps.Excititor.Core/Justification/`, `src/Excititor/__Libraries/StellaOps.Excititor.Core/Reachability/`
- **Key Classes**:
- `VexNotReachableJustification` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/AutoVex/VexNotReachableJustification.cs`) - generates `code_not_reachable` justifications from reachability data
- `ReachabilityJustificationGenerator` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/Justification/ReachabilityJustificationGenerator.cs`) - generates justifications from reachability slice verdicts
- `VexDowngradeGenerator` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/AutoVex/VexDowngradeGenerator.cs`) - generates VEX downgrade statements when code is unreachable
- `AutoVexDowngradeService` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/AutoVex/AutoVexDowngradeService.cs`) - service orchestrating auto-VEX downgrade workflow
- `ReachabilityLatticeUpdater` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/AutoVex/ReachabilityLatticeUpdater.cs`) - updates lattice state with reachability evidence
- `TimeBoxedConfidence` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/AutoVex/TimeBoxedConfidence.cs`) - time-bounded confidence for auto-generated justifications
- `SliceVerdictConsumer` (`src/Excititor/__Libraries/StellaOps.Excititor.Core/Reachability/SliceVerdictConsumer.cs`) - consumes reachability slice verdicts
- **Interfaces**: `ISliceVerdictConsumer`
- **Source**: SPRINT_3830_0001_0001_vex_integration_policy_binding.md
## E2E Test Plan
- [ ] Trigger a reachability slice verdict of "unreachable" and verify `VexNotReachableJustification` generates a `code_not_reachable` justification
- [ ] Verify the generated justification includes the slice digest as evidence reference
- [ ] Verify `AutoVexDowngradeService` marks auto-generated justifications as requiring human approval by default
- [ ] Verify `TimeBoxedConfidence` applies time-bounded confidence decay to auto-generated justifications
- [ ] Verify generated justifications are compatible with OpenVEX, CSAF, and CycloneDX export formats
- [ ] Verify `ReachabilityLatticeUpdater` updates the lattice state when reachability evidence changes
## Verification
- Verified on 2026-02-13 via `run-001`.
- Tier 0: Source files confirmed present on disk.
- Tier 1: `dotnet build` passed (0 errors); 503/504 tests passed (1 env_issue: no local Postgres).
- Tier 2d: `docs/qa/feature-checks/runs/excititor/automatic-code-not-reachable-vex-justification-generation/run-001/tier2-integration-check.json`