{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://stellaops.dev/schemas/evidence/stellaops-evidence-pack.v1.schema.json", "title": "StellaOps Evidence Pack (v1)", "description": "Deterministic evidence pack manifest for audit and replay workflows.", "type": "object", "additionalProperties": false, "required": [ "_type", "packId", "generatedAt", "tenantId", "manifestVersion", "contents" ], "properties": { "_type": { "type": "string", "const": "https://stellaops.dev/evidence-pack@v1" }, "packId": { "type": "string", "minLength": 1 }, "generatedAt": { "type": "string", "format": "date-time", "description": "UTC timestamp when the pack was assembled." }, "tenantId": { "type": "string", "minLength": 1 }, "policyRunId": { "type": "string" }, "policyId": { "type": "string" }, "policyVersion": { "type": "integer", "minimum": 0 }, "manifestVersion": { "type": "string", "minLength": 1 }, "contents": { "type": "object", "additionalProperties": false, "properties": { "policy": { "$ref": "#/$defs/contentArray" }, "sbom": { "$ref": "#/$defs/contentArray" }, "advisories": { "$ref": "#/$defs/contentArray" }, "vex": { "$ref": "#/$defs/contentArray" }, "verdicts": { "$ref": "#/$defs/contentArray" }, "reachability": { "$ref": "#/$defs/contentArray" }, "attestations": { "$ref": "#/$defs/contentArray" } } }, "statistics": { "type": "object", "additionalProperties": false, "properties": { "totalFiles": { "type": "integer", "minimum": 0 }, "totalSize": { "type": "integer", "minimum": 0 }, "componentCount": { "type": "integer", "minimum": 0 }, "findingCount": { "type": "integer", "minimum": 0 }, "verdictCount": { "type": "integer", "minimum": 0 }, "advisoryCount": { "type": "integer", "minimum": 0 }, "vexStatementCount": { "type": "integer", "minimum": 0 } } }, "determinismHash": { "type": "string", "pattern": "^sha256:[0-9a-f]{64}$" }, "signatures": { "type": "array", "items": { "$ref": "#/$defs/signature" } }, "transparency": { "type": "object", "additionalProperties": false, "properties": { "rekorEntries": { "type": "array", "items": { "$ref": "#/$defs/rekorEntry" } } } }, "timestamps": { "type": "array", "items": { "$ref": "#/$defs/timestampEntry" } } }, "$defs": { "contentArray": { "type": "array", "items": { "$ref": "#/$defs/contentEntry" } }, "contentEntry": { "type": "object", "additionalProperties": false, "required": ["path", "digest", "size", "mediaType"], "properties": { "path": { "type": "string", "minLength": 1 }, "digest": { "type": "string", "pattern": "^(sha256|sha384|sha512):[0-9a-f]{64,128}$" }, "size": { "type": "integer", "minimum": 0 }, "mediaType": { "type": "string", "minLength": 1 }, "capturedAt": { "type": "string", "format": "date-time" }, "attributes": { "type": "object", "additionalProperties": { "type": "string" } } } }, "signature": { "type": "object", "additionalProperties": false, "required": ["keyId", "algorithm", "signature", "signedAt"], "properties": { "keyId": { "type": "string", "minLength": 1 }, "algorithm": { "type": "string", "minLength": 1 }, "signature": { "type": "string", "minLength": 1 }, "signedAt": { "type": "string", "format": "date-time" } } }, "rekorEntry": { "type": "object", "additionalProperties": false, "required": ["uuid", "logIndex"], "properties": { "uuid": { "type": "string", "minLength": 1 }, "logIndex": { "type": "integer", "minimum": 0 }, "rootHash": { "type": "string" }, "inclusionProofPath": { "type": "string" }, "logUrl": { "type": "string" } } }, "timestampEntry": { "type": "object", "additionalProperties": false, "required": ["tokenPath", "hashAlgorithm"], "properties": { "tokenPath": { "type": "string", "minLength": 1 }, "hashAlgorithm": { "type": "string", "minLength": 1 }, "signedAt": { "type": "string", "format": "date-time" }, "tsaName": { "type": "string" }, "tsaUrl": { "type": "string" } } } } }