stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
docs/features/checked/scanner/deterministic-diff-aware-rescans.md Normal file
View File

@@ -0,0 +1,53 @@
# Deterministic Diff-Aware Rescans (SmartDiff / Diff-Native CI)
## Module
Scanner
## Status
VERIFIED
## Description
SmartDiff with golden fixture tests, schema validation, state comparison, reachability gates, SARIF output, performance benchmarks, and layer caching for diff-native CI capability.
## Implementation Details
- **SmartDiff Core**:
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/SmartDiffPredicate.cs` - SmartDiff predicate model
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/SmartDiffJsonSerializer.cs` - JSON serialization for determinism
- **Detection Engine**:
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Detection/MaterialRiskChangeDetector.cs` - Detects material risk changes between scans
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Detection/MaterialRiskChangeResult.cs` - Detection result model
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Detection/RiskStateSnapshot.cs` - Risk state snapshot for comparison
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Detection/SmartDiffScoringConfig.cs` - Scoring configuration
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Detection/BoundaryProof.cs` - Boundary proof model
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Detection/ReachabilityGateBridge.cs` - Reachability gate integration
- **VEX Candidate Emission**:
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Detection/VexCandidateEmitter.cs`
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Detection/VexCandidateModels.cs`
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Detection/VexEvidence.cs`
- **SARIF Output**:
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Output/SarifOutputGenerator.cs` - SARIF 2.1.0 output for CI integration
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Output/SarifModels.cs` - SARIF models
- **Attestation**:
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Attestation/DeltaVerdictBuilder.cs` - Builds delta verdicts
- `src/Scanner/__Libraries/StellaOps.Scanner.SmartDiff/Attestation/DeltaVerdictOciPublisher.cs` - Publishes delta verdicts to OCI
- **API**: `src/Scanner/StellaOps.Scanner.WebService/Endpoints/SmartDiffEndpoints.cs` - SmartDiff REST API
## E2E Test Plan
- [ ] Run a SmartDiff between two scan versions and verify material risk changes are detected
- [ ] Verify golden fixture tests produce deterministic SmartDiff output
- [ ] Verify SmartDiff schema validation passes for generated predicates
- [ ] Verify SARIF output contains diff-aware findings suitable for CI integration
- [ ] Verify reachability gate context is included in SmartDiff results
- [ ] Verify VEX candidates are emitted from SmartDiff detection results
- [ ] Verify delta verdicts can be published to OCI registry
---
## Verification
| Check | Result |
|-------|--------|
| Tier 0 - Source files exist | PASS |
| Tier 1 - Build + code review | PASS |
| Tier 2 - Integration tests | PASS |
| Verified | 2026-02-13T18:10:00Z |