stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
docs/features/checked/libraries/replay-manifest.md Normal file
View File

@@ -0,0 +1,41 @@
# Replay Manifest (Deterministic Replay)
## Module
__Libraries
## Status
VERIFIED
## Description
Complete replay manifest system with versioning, export, validation, CAS (content-addressed storage) integration, and reachability-specific replay writers. Enables deterministic re-computation of verdicts.
## Implementation Details
- **ReplayManifest**: `src/__Libraries/StellaOps.Replay.Core/ReplayManifest.cs` -- core manifest model with versioned schema
- **ReplayManifestVersions**: `src/__Libraries/StellaOps.Replay.Core/ReplayManifestVersions.cs` -- version tracking and migration
- **ReplayManifestExtensions**: `src/__Libraries/StellaOps.Replay.Core/ReplayManifestExtensions.cs` -- helper extensions
- **ReplayManifestExporter**: `src/__Libraries/StellaOps.Replay.Core/ReplayManifestExporter.cs` -- multi-partial export pipeline: `.Export.cs` (main export flow), `.BuildInputs.cs` (input artifact refs), `.BuildOutputs.cs` (output artifact refs), `.BuildToolchain.cs` (tool version pinning), `.BuildVerification.cs` (verification metadata), `.Hashing.cs` (content-addressed hashing), `.Metadata.cs` (export metadata), `.Verify.cs` (post-export verification), `.Convert.cs` (format conversion)
- **ReplayManifestWriter**: `src/__Libraries/StellaOps.Replay.Core/ReplayManifestWriter.cs` -- `.Manifest.cs` (manifest file writing)
- **ReachabilityReplayWriter**: `src/__Libraries/StellaOps.Replay.Core/ReachabilityReplayWriter.cs` -- reachability-specific: `.Graphs.cs` (graph serialization), `.Hashing.cs` (graph digest), `.Traces.cs` (trace recording)
- **StellaReplayBundleWriter**: `src/__Libraries/StellaOps.Replay.Core/StellaReplayBundleWriter.cs` -- multi-partial: `.Entries.cs`, `.Sections.Config.cs`, `.Sections.Content.cs`, `.Sections.Outputs.cs`, `.Sign.cs` (DSSE signing), `.Write.cs` (bundle writing)
- **Export Models**: `src/__Libraries/StellaOps.Replay.Core/` -- ExportArtifactRef, ExportCiEnvironment, ExportFeedSnapshot, ExportFindingsSummary, ExportInputArtifacts, ExportOutputArtifacts, ExportPolicyBundle, ExportReachabilityInput, ExportSbomInput, ExportToolchainInfo, ExportVerificationInfo, ExportVexInput, ExportSnapshotInfo, ExportMetadataInfo
- **Pinning Models**: `src/__Libraries/StellaOps.Replay.Core/` -- FeedVersion, KnowledgeSnapshot, LatticeConfig, PolicyBundleRef, RandomSeed, ReachSubgraphRef, SbomRef, TrustConfig, VexDocRef
- **Tests**: `src/__Libraries/StellaOps.Replay.Core.Tests/`
- **Source**: Feature matrix scan
## E2E Test Plan
- [ ] Verify replay manifest captures all input hashes (feed, SBOM, VEX, policy, tool versions)
- [ ] Test manifest export produces complete bundle with inputs, outputs, toolchain, verification sections
- [ ] Verify ReachabilityReplayWriter serializes graphs with deterministic hashing
- [ ] Test StellaReplayBundleWriter produces DSSE-signed bundles
- [ ] Verify manifest versioning enables backward-compatible upgrades
- [ ] Test export verification detects tampered bundles
- [ ] Verify CAS references maintain content integrity across export/import
- [ ] Test manifest round-trip: export -> import produces identical manifest
## Verification
- **Verified**: 2026-02-13T20:30:00Z
- **Run**: run-001
- **Tier**: Tier 2d (Library/Internal)
- **Verdict**: PASS