# Remediation PR Predicate Schema v1

## Predicate Type

`https://stellaops.io/predicates/remediation-pr/v1`

## Purpose

Records the verification outcome of a remediation pull request, including scan delta evidence, reachability impact, and the signed fix-chain envelope. This predicate is produced at the end of the verification pipeline and attests that a specific PR either did or did not remediate the targeted CVE.

## Subject

The subject is the PR submission record, identified by its UUID:

```json
{
  "subject": [
    {
      "name": "pr-submission",
      "digest": {
        "sha256": ""
      }
    }
  ]
}
```

## Predicate Fields

| Field | Type | Required | Description |
|-------|------|----------|-------------|
| `cveId` | string | yes | The CVE identifier being remediated |
| `prUrl` | string | yes | URL of the pull request |
| `repositoryUrl` | string | yes | URL of the target repository |
| `sourceBranch` | string | yes | Source branch of the PR |
| `targetBranch` | string | yes | Target branch of the PR |
| `fixTemplateId` | string (UUID) | no | ID of the fix template used, if any |
| `preScanDigest` | string | no | SHA-256 digest of the pre-merge SBOM scan |
| `postScanDigest` | string | no | SHA-256 digest of the post-merge SBOM scan |
| `reachabilityDeltaDigest` | string | no | SHA-256 digest of the reachability delta report |
| `verdict` | string | yes | Verification outcome: `fixed`, `partial`, `not_fixed`, `inconclusive` |
| `affectedPaths` | string[] | no | Call graph paths affected by the fix |
| `contributorId` | string (UUID) | no | ID of the contributor who submitted the fix |
| `contributorTrustScore` | number | no | Trust score of the contributor at verification time |
| `verifiedAt` | string (ISO 8601) | yes | Timestamp of verification completion |

## Example

```json
{
  "_type": "https://in-toto.io/Statement/v1",
  "subject": [
    {
      "name": "pr-submission",
      "digest": {
        "sha256": "abc123..."
      }
    }
  ],
  "predicateType": "https://stellaops.io/predicates/remediation-pr/v1",
  "predicate": {
    "cveId": "CVE-2024-1234",
    "prUrl": "https://github.com/org/repo/pull/42",
    "repositoryUrl": "https://github.com/org/repo",
    "sourceBranch": "fix/CVE-2024-1234",
    "targetBranch": "main",
    "fixTemplateId": "a1b2c3d4-...",
    "preScanDigest": "sha256:aaa...",
    "postScanDigest": "sha256:bbb...",
    "reachabilityDeltaDigest": "sha256:ccc...",
    "verdict": "fixed",
    "affectedPaths": [
      "com.example.App -> org.vuln.Lib.method()"
    ],
    "contributorId": "e5f6g7h8-...",
    "contributorTrustScore": 0.85,
    "verifiedAt": "2026-02-20T14:30:00Z"
  }
}
```

## Envelope

The predicate is wrapped in a DSSE envelope and signed by the Remediation module's signing key. The `fixChainDsseDigest` on the `PrSubmission` record stores the SHA-256 digest of this envelope.

## Related

- [Remediation Architecture](../modules/remediation/architecture.md)
- [Triage Suppress Predicate](triage-suppress-v1.md)
- [Execution Evidence Contract](execution-evidence-v1.md)
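The following validator is an added example, not code from the Stella Ops project or this schema document. It checks a decoded in-toto statement against the field table above (statement and predicate type, subject shape, required fields, field types, the `verdict` enumeration) before the envelope signature result is trusted downstream. The format checks are assumptions made here: digest fields must use the `sha256:<64 hex>` form the example shows, `cveId` must match the CVE identifier pattern, `verifiedAt` must carry a UTC offset, and `strict=True` treats the schema as closed and rejects undeclared fields. `SAMPLE_STATEMENT` is constructed for the example (full-length digests in place of the truncated ones above) and `with_field` is a hypothetical helper for producing altered copies.

```python
from __future__ import annotations

import copy
import re
from datetime import datetime

STATEMENT_TYPE = "https://in-toto.io/Statement/v1"
PREDICATE_TYPE = "https://stellaops.io/predicates/remediation-pr/v1"

# Field -> (accepted Python type(s), required?), taken from the field table above.
FIELDS = {
    "cveId": (str, True), "prUrl": (str, True), "repositoryUrl": (str, True),
    "sourceBranch": (str, True), "targetBranch": (str, True),
    "fixTemplateId": (str, False), "preScanDigest": (str, False),
    "postScanDigest": (str, False), "reachabilityDeltaDigest": (str, False),
    "verdict": (str, True), "affectedPaths": (list, False),
    "contributorId": (str, False), "contributorTrustScore": ((int, float), False),
    "verifiedAt": (str, True),
}
VERDICTS = {"fixed", "partial", "not_fixed", "inconclusive"}
DIGEST_FIELDS = ("preScanDigest", "postScanDigest", "reachabilityDeltaDigest")

# Assumed formats: the table only says "SHA-256 digest"; the example uses "sha256:<hex>".
CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")
DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")
HEX64_RE = re.compile(r"^[0-9a-f]{64}$")


def _check_subject(stmt: dict, errors: list[str]) -> None:
    subjects = stmt.get("subject")
    if not isinstance(subjects, list) or not subjects:
        errors.append("subject: must be a non-empty list")
        return
    for i, s in enumerate(subjects):
        if not isinstance(s, dict) or s.get("name") != "pr-submission":
            errors.append(f"subject[{i}]: name must be 'pr-submission'")
        digest = s.get("digest") if isinstance(s, dict) else None
        sha = digest.get("sha256") if isinstance(digest, dict) else None
        if not isinstance(sha, str) or not HEX64_RE.match(sha):
            errors.append(f"subject[{i}]: digest.sha256 must be 64 lowercase hex chars")


def validate_statement(stmt: dict, strict: bool = False) -> list[str]:
    """Return a list of problems; an empty list means the statement conforms."""
    errors: list[str] = []
    if stmt.get("_type") != STATEMENT_TYPE:
        errors.append(f"_type: expected {STATEMENT_TYPE}")
    if stmt.get("predicateType") != PREDICATE_TYPE:
        errors.append(f"predicateType: expected {PREDICATE_TYPE}")
    _check_subject(stmt, errors)

    pred = stmt.get("predicate")
    if not isinstance(pred, dict):
        errors.append("predicate: must be an object")
        return errors

    for name, (typ, required) in FIELDS.items():
        if name not in pred:
            if required:
                errors.append(f"{name}: required field missing")
            continue
        value = pred[name]
        # bool is a subclass of int in Python; a boolean trust score is still a type error.
        if isinstance(value, bool) or not isinstance(value, typ):
            errors.append(f"{name}: wrong type {type(value).__name__}")
    if strict:
        for name in sorted(set(pred) - set(FIELDS)):
            errors.append(f"{name}: not defined by the v1 schema")

    # Value-level checks, applied only to fields that are present with the right type.
    if isinstance(pred.get("cveId"), str) and not CVE_RE.match(pred["cveId"]):
        errors.append("cveId: not a CVE identifier")
    if isinstance(pred.get("verdict"), str) and pred["verdict"] not in VERDICTS:
        errors.append(f"verdict: must be one of {sorted(VERDICTS)}")
    for name in DIGEST_FIELDS:
        if isinstance(pred.get(name), str) and not DIGEST_RE.match(pred[name]):
            errors.append(f"{name}: expected sha256:<64 hex chars>")
    paths = pred.get("affectedPaths")
    if isinstance(paths, list) and not all(isinstance(p, str) for p in paths):
        errors.append("affectedPaths: every entry must be a string")
    ts = pred.get("verifiedAt")
    if isinstance(ts, str):
        try:
            if datetime.fromisoformat(ts.replace("Z", "+00:00")).tzinfo is None:
                errors.append("verifiedAt: timestamp must carry a UTC offset")
        except ValueError:
            errors.append("verifiedAt: not an ISO 8601 timestamp")
    return errors


def with_field(stmt: dict, name: str, value) -> dict:
    """Hypothetical helper: deep-copy stmt and set (or, for None, remove) a predicate field."""
    out = copy.deepcopy(stmt)
    if value is None:
        out["predicate"].pop(name, None)
    else:
        out["predicate"][name] = value
    return out


# Constructed sample: the document's example with full-length placeholder digests.
SAMPLE_STATEMENT = {
    "_type": STATEMENT_TYPE,
    "subject": [{"name": "pr-submission", "digest": {"sha256": "0" * 64}}],
    "predicateType": PREDICATE_TYPE,
    "predicate": {
        "cveId": "CVE-2024-1234",
        "prUrl": "https://github.com/org/repo/pull/42",
        "repositoryUrl": "https://github.com/org/repo",
        "sourceBranch": "fix/CVE-2024-1234",
        "targetBranch": "main",
        "preScanDigest": "sha256:" + "a" * 64,
        "postScanDigest": "sha256:" + "b" * 64,
        "reachabilityDeltaDigest": "sha256:" + "c" * 64,
        "verdict": "fixed",
        "affectedPaths": ["com.example.App -> org.vuln.Lib.method()"],
        "contributorTrustScore": 0.85,
        "verifiedAt": "2026-02-20T14:30:00Z",
    },
}
```

Run `validate_statement(json.loads(envelope_payload))` on the decoded DSSE payload after the signature check has passed; an empty list is the only result a consumer should accept before acting on `verdict`. Schema validation is deliberately kept separate from signature verification so that a well-signed but malformed predicate is rejected with a field-level reason rather than treated as a signature failure.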