//
// Copyright (c) StellaOps. Licensed under the AGPL-3.0-or-later.
//
using System.Security.Cryptography;
namespace StellaOps.AdvisoryAI.Explanation;
public sealed class NullEvidenceRetrievalService : IEvidenceRetrievalService
{
private static readonly EvidenceContext EmptyContext = new()
{
SbomEvidence = Array.Empty(),
ReachabilityEvidence = Array.Empty(),
RuntimeEvidence = Array.Empty(),
VexEvidence = Array.Empty(),
PatchEvidence = Array.Empty(),
ContextHash = ComputeEmptyContextHash()
};
public Task RetrieveEvidenceAsync(
string findingId,
string artifactDigest,
string vulnerabilityId,
string? componentPurl = null,
CancellationToken cancellationToken = default)
=> Task.FromResult(EmptyContext);
public Task GetEvidenceNodeAsync(
string evidenceId,
CancellationToken cancellationToken = default)
=> Task.FromResult(null);
public Task ValidateEvidenceAsync(
IEnumerable evidenceIds,
CancellationToken cancellationToken = default)
=> Task.FromResult(true);
private static string ComputeEmptyContextHash()
{
var bytes = SHA256.HashData(Array.Empty());
return Convert.ToHexStringLower(bytes);
}
}