namespace StellaOps.Policy.Unknowns.Models;

/// <summary>
/// Canonical reason codes explaining why a component is marked as unknown.
/// Each code maps to a specific remediation action.
/// </summary>
public enum UnknownReasonCode
{
    /// <summary>
    /// U-RCH: Call path analysis is indeterminate.
    /// The reachability analyzer cannot confirm or deny exploitability.
    /// </summary>
    Reachability,

    /// <summary>
    /// U-ID: Ambiguous package identity or missing digest.
    /// Cannot uniquely identify the component (e.g., missing PURL, no checksum).
    /// </summary>
    Identity,

    /// <summary>
    /// U-PROV: Cannot map binary artifact to source repository.
    /// Provenance chain is broken or unavailable.
    /// </summary>
    Provenance,

    /// <summary>
    /// U-VEX: VEX statements conflict or missing applicability data.
    /// Multiple VEX sources disagree or no VEX coverage exists.
    /// </summary>
    VexConflict,

    /// <summary>
    /// U-FEED: Required knowledge source is missing or stale.
    /// Advisory feed gap (e.g., no NVD/OSV data for this package).
    /// </summary>
    FeedGap,

    /// <summary>
    /// U-CONFIG: Feature flag or configuration not observable.
    /// Cannot determine if vulnerable code path is enabled at runtime.
    /// </summary>
    ConfigUnknown,

    /// <summary>
    /// U-ANALYZER: Language or framework not supported by analyzer.
    /// Static analysis tools do not cover this ecosystem.
    /// </summary>
    AnalyzerLimit
}