using StellaOps.BinaryIndex.Core.Models;

namespace StellaOps.BinaryIndex.FixIndex.Models;

/// <summary>
/// Evidence of a CVE fix in a distro package.
/// </summary>
public sealed record FixEvidence
{
    /// <summary>Distro identifier (e.g., "debian", "ubuntu", "alpine")</summary>
    public required string Distro { get; init; }

    /// <summary>Release/codename (e.g., "bookworm", "jammy", "v3.19")</summary>
    public required string Release { get; init; }

    /// <summary>Source package name</summary>
    public required string SourcePkg { get; init; }

    /// <summary>CVE identifier (e.g., "CVE-2024-1234")</summary>
    public required string CveId { get; init; }

    /// <summary>Fix state</summary>
    public required FixState State { get; init; }

    /// <summary>Version where the fix was applied (if applicable)</summary>
    public string? FixedVersion { get; init; }

    /// <summary>Method used to detect the fix</summary>
    public required FixMethod Method { get; init; }

    /// <summary>Confidence score (0.0 - 1.0)</summary>
    public required decimal Confidence { get; init; }

    /// <summary>Evidence payload for audit trail</summary>
    public required FixEvidencePayload Evidence { get; init; }

    /// <summary>Corpus snapshot ID (if from snapshot ingestion)</summary>
    public Guid? SnapshotId { get; init; }

    /// <summary>Timestamp when this evidence was created</summary>
    public DateTimeOffset CreatedAt { get; init; }
}

/// <summary>
/// Base class for evidence payloads.
/// </summary>
public abstract record FixEvidencePayload;

/// <summary>
/// Evidence from changelog parsing.
/// </summary>
public sealed record ChangelogEvidence : FixEvidencePayload
{
    /// <summary>Path to changelog file</summary>
    public required string File { get; init; }

    /// <summary>Version from changelog entry</summary>
    public required string Version { get; init; }

    /// <summary>Excerpt from changelog mentioning CVE</summary>
    public required string Excerpt { get; init; }

    /// <summary>Line number where CVE was mentioned</summary>
    public int? LineNumber { get; init; }
}

/// <summary>
/// Evidence from patch header parsing.
/// </summary>
public sealed record PatchHeaderEvidence : FixEvidencePayload
{
    /// <summary>Path to patch file</summary>
    public required string PatchPath { get; init; }

    /// <summary>SHA-256 digest of patch file</summary>
    public required string PatchSha256 { get; init; }

    /// <summary>Excerpt from patch header</summary>
    public required string HeaderExcerpt { get; init; }
}

/// <summary>
/// Evidence from official security feed.
/// </summary>
public sealed record SecurityFeedEvidence : FixEvidencePayload
{
    /// <summary>Feed identifier (e.g., "alpine-secfixes", "debian-oval")</summary>
    public required string FeedId { get; init; }

    /// <summary>Entry identifier within the feed</summary>
    public required string EntryId { get; init; }

    /// <summary>Published timestamp from feed</summary>
    public required DateTimeOffset PublishedAt { get; init; }
}