stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
docs/features/checked/sbomservice/sbom-verdict-linking-table.md Normal file
View File

@@ -0,0 +1,28 @@
# SBOM-Verdict Linking Table
## Module
SbomService
## Status
IMPLEMENTED
## Description
Join table linking SBOM versions to VEX consensus verdicts per CVE. Fully implemented with PostgreSQL persistence, in-memory test implementation, and lineage integration.
## Implementation Details
- **Persistence interface (Persistence layer)**: `src/SbomService/__Libraries/StellaOps.SbomService.Persistence/Repositories/ISbomVerdictLinkRepository.cs` -- `LinkAsync`, `LinkBatchAsync`, `GetVerdictsBySbomAsync`, `GetSbomsByCveAsync`, `GetSbomsByStatusAsync`
- **Postgres implementation**: `src/SbomService/__Libraries/StellaOps.SbomService.Persistence/Postgres/Repositories/PostgresSbomVerdictLinkRepository.cs` -- PostgreSQL verdict link storage with upsert on conflict
- **Lineage interface**: `src/SbomService/__Libraries/StellaOps.SbomService.Lineage/Repositories/ISbomVerdictLinkRepository.cs` -- lineage-layer verdict link contract
- **Lineage Postgres implementation**: `src/SbomService/__Libraries/StellaOps.SbomService.Lineage/Repositories/SbomVerdictLinkRepository.cs` -- `sbom.sbom_verdict_links` table with columns: sbom_version_id, cve, consensus_projection_id, verdict_status, confidence_score, tenant_id; upsert on `(sbom_version_id, cve, tenant_id)` conflict
- **Schema migration**: `src/SbomService/__Libraries/StellaOps.SbomService.Lineage/Persistence/Migrations/00001_InitialSchema.sql` -- creates `sbom_verdict_links` table
- **DI registration**: `src/SbomService/__Libraries/StellaOps.SbomService.Lineage/DependencyInjection/ServiceCollectionExtensions.cs` -- registers verdict link repository
- **Lineage domain**: `src/SbomService/__Libraries/StellaOps.SbomService.Lineage/Domain/LineageModels.cs` -- `SbomVerdictLink` model
- **Tests**: `src/SbomService/__Tests/StellaOps.SbomService.Lineage.Tests/Domain/LineageModelsTests.cs`
- **Source**: Feature matrix scan
## E2E Test Plan
- [ ] Verify SBOM-to-verdict linking creates records in `sbom_verdict_links` table
- [ ] Test batch linking of multiple verdicts per SBOM version
- [ ] Verify query by CVE returns all linked SBOM versions
- [ ] Test query by verdict status with limit parameter
- [ ] Verify upsert behavior on `(sbom_version_id, cve, tenant_id)` conflict