Refactored 8 files across StellaOps.Provcache, StellaOps.Provcache.Postgres, and StellaOps.Provcache.Valkey:
Core Provcache library:
- EvidenceChunker: Added IGuidProvider for ChunkId generation in ChunkAsync/ChunkStreamAsync
- LazyFetchOrchestrator: Added IGuidProvider for ChunkId generation when storing fetched chunks
- MinimalProofExporter: Added IGuidProvider for ChunkId generation in ImportAsync
- FeedEpochAdvancedEvent: Added optional eventId/timestamp parameters to static Create()
- SignerRevokedEvent: Added optional eventId/timestamp parameters to static Create()
Postgres implementation:
- PostgresProvcacheRepository: Added TimeProvider and IGuidProvider for IncrementHitCountAsync,
GetStatisticsAsync, LogRevocationAsync, and MapToEntity
- PostgresEvidenceChunkRepository: Added TimeProvider and IGuidProvider for GetManifestAsync and MapToEntity
Valkey implementation:
- ValkeyProvcacheStore: Added TimeProvider for TTL calculations in GetAsync, SetAsync, SetManyAsync
All constructors use optional parameters with defaults to system implementations for backward compatibility.
Added StellaOps.Determinism.Abstractions project references where needed.
Sprint: SPRINT_20251229_049_BE_csproj_audit_maint_tests
Tasks: AUDIT-0001 through AUDIT-0147 APPLY tasks (approved decisions 1-9)
Changes:
- Set TreatWarningsAsErrors=true for all production .NET projects
- Fixed nullable warnings in Scanner.EntryTrace, Scanner.Evidence,
Scheduler.Worker, Concelier connectors, and other modules
- Injected TimeProvider/IGuidProvider for deterministic time/ID generation
- Added path traversal validation in AirGap.Bundle
- Fixed NULL handling in various cursor classes
- Third-party GostCryptography retains TreatWarningsAsErrors=false (preserves original)
- Test projects excluded per user decision (rejected decision 10)
Note: All 17 ACSC connector tests pass after snapshot fixture sync
Introduces CGS determinism test runs to CI workflows for Windows, macOS, Linux, Alpine, and Debian, fulfilling CGS-008 cross-platform requirements. Updates local-ci scripts to support new smoke steps, test timeouts, progress intervals, and project slicing for improved test isolation and diagnostics.
- Implement `SbomVexOrderingDeterminismProperties` for testing component list and vulnerability metadata hash consistency.
- Create `UnicodeNormalizationDeterminismProperties` to validate NFC normalization and Unicode string handling.
- Add project file for `StellaOps.Testing.Determinism.Properties` with necessary dependencies.
- Introduce CI/CD template validation tests including YAML syntax checks and documentation content verification.
- Create validation script for CI/CD templates ensuring all required files and structures are present.
- Implemented comprehensive tests for verdict artifact generation to ensure deterministic outputs across various scenarios, including identical inputs, parallel execution, and change ordering.
- Created helper methods for generating sample verdict inputs and computing canonical hashes.
- Added tests to validate the stability of canonical hashes, proof spine ordering, and summary statistics.
- Introduced a new PowerShell script to update SHA256 sums for files, ensuring accurate hash generation and file integrity checks.
