# Path-Scope Simulation Bridge

## Module
Policy

## Status
IMPLEMENTED

## Description
Scoped simulation that evaluates policy changes against specific artifact paths rather than the entire estate.

## Implementation Details
- **PathScopeSimulationEndpoint**: `src/Policy/StellaOps.Policy.Engine/Endpoints/PathScopeSimulationEndpoint.cs` -- REST endpoint for path-scoped simulation
- **WhatIfSimulationService**: `src/Policy/StellaOps.Policy.Engine/WhatIfSimulation/WhatIfSimulationService.cs`
  - `SimulateAsync()` computes baseline vs simulated decisions for targeted artifacts
  - SBOM diff operations (add/remove/upgrade/downgrade) scoped to specific artifact paths
  - Decision changes: status_changed, severity_changed, new, removed
  - Impact summary: risk delta (increased/decreased/unchanged), blocked/warning deltas, recommendations
- **RiskSimulationService**: `src/Policy/StellaOps.Policy.Engine/Simulation/RiskSimulationService.cs`
  - `SimulateWithBreakdown()` -- full simulation with severity distribution and top movers
  - `CompareProfilesWithBreakdown()` -- profile comparison with delta analysis
  - Signal-based scoring for targeted paths
- **ConsoleSimulationDiffService**: `src/Policy/StellaOps.Policy.Engine/Console/ConsoleSimulationDiffService.cs`
  - Schema version: console-policy-23-001
  - Deterministic before/after severity breakdowns for scoped paths
- **OverlaySimulationEndpoint**: `src/Policy/StellaOps.Policy.Engine/Endpoints/OverlaySimulationEndpoint.cs` -- overlay simulation for policy rule changes

## E2E Test Plan
- [ ] POST path-scope simulation for specific artifact digest; verify simulation results scoped to that artifact only
- [ ] Simulate adding a component to a specific path; verify delta shows new findings for that path
- [ ] Simulate removing a component from a specific path; verify delta shows removed findings
- [ ] Simulate upgrade on path A; verify path B findings are unchanged in delta
- [ ] Verify simulation response includes before/after severity breakdowns for the scoped path
- [ ] Verify simulation response includes risk delta (increased/decreased/unchanged)
- [ ] Verify simulation response includes top movers within the scoped path
- [ ] Verify console simulation diff produces deterministic output for same inputs